{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-43222","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2025-04-16T15:24:37.090Z","datePublished":"2025-07-29T23:29:08.611Z","dateUpdated":"2026-04-02T18:11:30.576Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An attacker may be able to cause unexpected app termination"}]}],"affected":[{"vendor":"Apple","product":"iPadOS","versions":[{"version":"0","status":"affected","lessThan":"17.7.9","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"13.7.7","versionType":"custom"},{"version":"0","status":"affected","lessThan":"14.7.7","versionType":"custom"},{"version":"0","status":"affected","lessThan":"15.6","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination."}],"references":[{"url":"https://support.apple.com/en-us/124148"},{"url":"https://support.apple.com/en-us/124149"},{"url":"https://support.apple.com/en-us/124150"},{"url":"https://support.apple.com/en-us/124151"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:11:30.576Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-416","lang":"en","description":"CWE-416 Use After Free"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":9.8,"attackVector":"NETWORK","baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-07-30T13:30:24.156845Z","id":"CVE-2025-43222","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-07-31T17:58:23.534Z"}},{"title":"CVE Program Container","references":[{"url":"http://seclists.org/fulldisclosure/2025/Jul/34"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/33"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/32"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/31"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:01:14.756Z"}}]}}