www.cisa.gov 3/20/2026, 4:23:41 PM

CISA Adds CVE-2025-43520 to Known Exploited Vulnerabilities Catalog

CyberSIXT Evidence Panel
Primary Source: nvd.nist.gov
CISA KEV: Listed in KEV
Patch: Patch Available

The Known Exploited Vulnerabilities Catalog lists CVE-2025-43520 as an Apple Multiple Products classic buffer overflow vulnerability that could allow a malicious application to cause an unexpected system termination or write kernel memory, affecting watchOS, iOS, iPadOS, macOS, visionOS, and tvOS. The entry gives the “Known To Be Used in Ransomware Campaigns?” status as Unknown, and it directs organisations to apply mitigations per vendor instructions or to discontinue use of the product if mitigations are unavailable.

The vulnerability was added to the KEV catalog on 20 March 2026, with a due date of 3 April 2026. According to CISA, the recommended action is to apply mitigations per vendor instructions and follow applicable guidance for cloud services. The entry also includes related support links and references to the NVD page for CVE-2025-43520. Stay vigilant and ensure vulnerability management prioritisation uses the KEV as a trusted input.

Article by CyberSIXT