CISA has added CVE‑2025‑43510 to its Known Exploited Vulnerabilities (KEV) catalogue. The entry concerns Apple’s watchOS, iOS, iPadOS, macOS, visionOS and tvOS and is described as an “Apple Multiple Products Improper Locking Vulnerability”. The flaw could let a malicious application cause unexpected changes in memory that is shared between processes.
The vulnerability is a privilege‑escalation issue arising from improper locking of memory shared between processes: the synchronisation that should serialise access to that memory is missing or insufficient, so an attacker‑controlled app can modify regions that another process is using while that process relies on them. The immediate effect is data corruption in the other process; depending on what the corrupted memory holds, that can escalate to code execution in that process's context. The CVSS v3.1 base score is 7.8 (HIGH). Apple has released patches for the affected platforms, and mitigation guidance is available through Apple's security advisories.
Inclusion in the KEV catalogue means CISA has evidence that the flaw is being actively exploited in the wild. The entry does not tie it to known ransomware campaigns, but confirmed exploitation is reason enough to treat remediation as urgent. CISA has set a remediation deadline of 3 April 2026 for affected federal agencies.
CISA’s required action is to “apply mitigations per vendor instructions, follow applicable BOD 22‑01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable”. The directive applies directly to Federal Civilian Executive Branch (FCEB) agencies, but any organisation running the listed Apple operating systems should assess exposure and implement the recommended mitigations without delay.
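The KEV catalogue is published as a JSON feed, so the check described above (is this entry on the list, what does CISA require, and how long until the deadline) can be automated. The following is an added example written for this page, not CISA's or Apple's code. The data it parses is a constructed sample that copies the field names of the public feed at https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; only the first record's CVE ID, vendor, product, vulnerability name, required action, due date and NVD link come from the page, its dateAdded value is assumed, and the second record is a placeholder with a made‑up vendor and a non‑existent CVE ID included only to exercise vendor filtering and the overdue branch.

```python
"""Triage CISA KEV entries against a remediation date (added example).

SAMPLE_KEV_JSON is a CONSTRUCTED document that mirrors the field names of the
public KEV feed; swap in the downloaded feed body for real use.
"""
from __future__ import annotations

import json
from dataclasses import dataclass
from datetime import date

SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {
            "cveID": "CVE-2025-43510",
            "vendorProject": "Apple",
            "product": "Multiple Products",
            "vulnerabilityName": "Apple Multiple Products Improper Locking Vulnerability",
            "dateAdded": "2026-03-13",  # assumed; not stated on the page
            "shortDescription": "A malicious application may cause unexpected changes in memory shared between processes.",
            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
            "dueDate": "2026-04-03",
            "knownRansomwareCampaignUse": "Unknown",
            "notes": "https://nvd.nist.gov/vuln/detail/CVE-2025-43510",
        },
        {   # placeholder record: vendor, product and CVE ID are not real
            "cveID": "CVE-0000-00000",
            "vendorProject": "ExampleVendor",
            "product": "ExampleProduct",
            "vulnerabilityName": "ExampleProduct Placeholder Vulnerability",
            "dateAdded": "2026-01-05",
            "shortDescription": "placeholder",
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2026-01-26",
            "knownRansomwareCampaignUse": "Known",
            "notes": "",
        },
    ],
})


@dataclass(frozen=True)
class KevEntry:
    cve_id: str
    vendor: str
    product: str
    name: str
    date_added: date
    due_date: date
    required_action: str
    ransomware_use: str
    notes: str


def load_kev(text: str) -> list[KevEntry]:
    """Parse the feed body into typed entries; ISO date strings become date objects."""
    entries = []
    for v in json.loads(text)["vulnerabilities"]:
        entries.append(KevEntry(
            cve_id=v["cveID"], vendor=v["vendorProject"], product=v["product"],
            name=v["vulnerabilityName"],
            date_added=date.fromisoformat(v["dateAdded"]),
            due_date=date.fromisoformat(v["dueDate"]),
            required_action=v["requiredAction"],
            ransomware_use=v.get("knownRansomwareCampaignUse", "Unknown"),
            notes=v.get("notes", ""),
        ))
    return entries


def find_entry(entries: list[KevEntry], cve_id: str) -> KevEntry | None:
    """Case-insensitive lookup by CVE ID; None when the ID is not catalogued."""
    return next((e for e in entries if e.cve_id.upper() == cve_id.upper()), None)


def _as_date(d: date | str) -> date:
    return d if isinstance(d, date) else date.fromisoformat(d)


def days_until_due(entry: KevEntry, as_of: date | str) -> int:
    """Positive: days left; zero: due today; negative: days overdue."""
    return (entry.due_date - _as_date(as_of)).days


def triage(entries: list[KevEntry], as_of: date | str, vendors: set[str] | None = None) -> list[dict]:
    """Rows for the entries an organisation must act on, most urgent first.

    vendors restricts output to the vendorProject names the organisation runs
    (e.g. {"Apple"}); None keeps everything. Ransomware-linked entries sort
    first, then fewest days remaining, which is how a SOC would queue them.
    """
    rows = []
    for e in entries:
        if vendors is not None and e.vendor not in vendors:
            continue
        remaining = days_until_due(e, as_of)
        status = "overdue" if remaining < 0 else "due_today" if remaining == 0 else "open"
        rows.append({
            "cve_id": e.cve_id, "vendor": e.vendor, "product": e.product,
            "status": status, "days_remaining": remaining,
            "ransomware": e.ransomware_use.lower() == "known",
            "required_action": e.required_action,
        })
    rows.sort(key=lambda r: (not r["ransomware"], r["days_remaining"]))
    return rows


if __name__ == "__main__":
    for row in triage(load_kev(SAMPLE_KEV_JSON), "2026-03-20"):
        print(f"{row['cve_id']:15} {row['vendor']:14} {row['status']:9} "
              f"{row['days_remaining']:+4d}d ransomware={row['ransomware']}")
```

Pass the organisation's own vendor list to `triage` so the output is limited to products actually in the estate; an entry that shows `overdue` is one where BOD 22‑01 already required action, and a `ransomware=True` row is worth escalating regardless of how many days remain.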
For the full technical description, severity metrics and mitigation steps, refer to the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2025-43510 and the CISA KEV catalogue.