CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Apr 3, 2026

CVE-2025-43510

High

EPSS 0.5%CISA KEV

Apple/Multiple Products

Description

Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes.

EPSS — Exploit Probability

0.5%

Higher than 64.1% of all CVEs

Required Action

https://support.apple.com/en-us/125632 ; https://support.apple.com/en-us/125633 ; https://support.apple.com/en-us/125634 ; https://support.apple.com/en-us/125635 ; https://support.apple.com/en-us/125636 ; https://support.apple.com/en-us/125637 ; https://support.apple.com/en-us/125638 ; https://support.apple.com/en-us/125639 ; https://nvd.nist.gov/vuln/detail/CVE-2025-43510

CVE-2025-43510

Description

EPSS — Exploit Probability

Required Action

Related Articles (6)

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

New “Darksword” iOS exploit used in infostealer attack on iPhones

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

CISA orders feds to patch DarkSword iOS flaws exploited attacks

Risk Assessment

Details

Timeline

Affected Product

External Links