Apple Products Multiple Vulnerabilities

Release Date: 15 Dec 2025

RISK: Extremely High Risk

TYPE: Operating Systems - Mobile & Apps

Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, elevation of privilege, spoofing, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

 

Note:

CVE-2025-14174 is being exploited in the wild. The vulnerability is caused by out of bounds memory access in ANGLE which could lead to memory corruption. It allows remote attackers to trigger out-of-bounds memory access via a malicious HTML page, potentially leading to arbitrary code execution in browsers.

 

CVE-2025-43529 is being exploited in an extremely sophisticated attack against specific targeted individuals. The vulnerability is a WebKit use-after-free remote code execution flaw that can be exploited by processing maliciously crafted web content. 

 

Hence, the risk level is rated as Extremely High Risk.

---

Impact

• Denial of Service
• Elevation of Privilege
• Security Restriction Bypass
• Information Disclosure
• Data Manipulation
• Spoofing
• Remote Code Execution

---

System / Technologies affected

• Versions prior to iOS 26.2 and iPadOS 26.2
• Versions prior to iOS 18.7.3 and iPadOS 18.7.3
• Versions prior to macOS Sonoma 14.8.3
• Versions prior to macOS Sequoia 15.7.3
• Versions prior to macOS Tahoe 26.2
• Versions prior to tvOS 26.2
• Versions prior to watchOS 26.2
• Versions prior to visionOS 26.2
• Versions prior to Safari 26.2

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• iOS 26.2 and iPadOS 26.2
• iOS 18.7.3 and iPadOS 18.7.3
• macOS Sonoma 14.8.3
• macOS Sequoia 15.7.3
• macOS Tahoe 26.2
• tvOS 26.2
• watchOS 26.2
• visionOS 26.2
• Safari 26.2

---

Vulnerability Identifier

• CVE-2024-7264
• CVE-2024-8906
• CVE-2025-5918
• CVE-2025-9086
• CVE-2025-14174
• CVE-2025-43320
• CVE-2025-43410
• CVE-2025-43416
• CVE-2025-43428
• CVE-2025-43463
• CVE-2025-43475
• CVE-2025-43482
• CVE-2025-43501
• CVE-2025-43509
• CVE-2025-43511
• CVE-2025-43512
• CVE-2025-43513
• CVE-2025-43514
• CVE-2025-43516
• CVE-2025-43517
• CVE-2025-43518
• CVE-2025-43519
• CVE-2025-43521
• CVE-2025-43522
• CVE-2025-43523
• CVE-2025-43526
• CVE-2025-43527
• CVE-2025-43529
• CVE-2025-43530
• CVE-2025-43531
• CVE-2025-43532
• CVE-2025-43533
• CVE-2025-43535
• CVE-2025-43536
• CVE-2025-43538
• CVE-2025-43539
• CVE-2025-43541
• CVE-2025-43542
• CVE-2025-46276
• CVE-2025-46277
• CVE-2025-46278
• CVE-2025-46279
• CVE-2025-46281
• CVE-2025-46282
• CVE-2025-46283
• CVE-2025-46285
• CVE-2025-46287
• CVE-2025-46288
• CVE-2025-46289
• CVE-2025-46291
• CVE-2025-46292

---

Source

• Apple

---

Related Link

• https://support.apple.com/en-us/125884
• https://support.apple.com/en-us/125885
• https://support.apple.com/en-us/125886
• https://support.apple.com/en-us/125887
• https://support.apple.com/en-us/125888
• https://support.apple.com/en-us/125889
• https://support.apple.com/en-us/125890
• https://support.apple.com/en-us/125891
• https://support.apple.com/en-us/125892