-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-12-12-2025-2 iOS 18.7.3 and iPadOS 18.7.3
iOS 18.7.3 and iPadOS 18.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/125885. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing a file may lead to memory corruption Description: The issue was addressed with improved bounds checks. CVE-2025-43539: Michael Reeves (@IntegralPilot) Call History Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An attacker may be able to spoof their FaceTime caller ID Description: An inconsistent user interface issue was addressed with improved state management. CVE-2025-46287: an anonymous researcher, Riley Walz curl Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Multiple issues in curl Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-7264 CVE-2025-9086 FaceTime Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Password fields may be unintentionally revealed when remotely controlling a device over FaceTime Description: This issue was addressed with improved state management. CVE-2025-43542: Yiğit Ocak Foundation Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing malicious data may lead to unexpected app termination Description: A memory corruption issue was addressed with improved bounds checking. CVE-2025-43532: Andrew Calvano and Lucas Pinheiro of Meta Product Security Icons Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to identify what other apps a user has installed Description: A permissions issue was addressed with additional restrictions. CVE-2025-46279: Duy Trần (@khanhduytran0) Kernel Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to elevate privileges Description: A logic issue was addressed with improved checks. CVE-2025-43512: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs Kernel Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to gain root privileges Description: An integer overflow was addressed by adopting 64-bit timestamps. CVE-2025-46285: Kaitao Xie and Xiaolong Bai of Alibaba Group libarchive Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing a file may lead to memory corruption Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2025-5918 Messages Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access sensitive user data Description: An information disclosure issue was addressed with improved privacy controls. CVE-2025-46276: Rosyna Keller of Totally Not Malicious Software Screen Time Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access sensitive user data Description: A logging issue was addressed with improved data redaction. CVE-2025-43538: Iván Savransky Settings Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved checks. CVE-2025-43530: Mickey Jin (@patch1t) Telephony Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access user-sensitive data Description: This issue was addressed with additional entitlement checks. CVE-2025-46292: Rosyna Keller of Totally Not Malicious Software WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved memory handling. WebKit Bugzilla: 300774 WebKit Bugzilla: 301338 CVE-2025-43535: Nan Wang (@eternalsakura13), Google Big Sleep WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A type confusion issue was addressed with improved state handling. WebKit Bugzilla: 301257 CVE-2025-43541: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 301371 CVE-2025-43501: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 301726 CVE-2025-43536: Nan Wang (@eternalsakura13) WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A race condition was addressed with improved state handling. WebKit Bugzilla: 301940 CVE-2025-43531: Phil Pizlo of Epic Games WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report. Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 302502 CVE-2025-43529: Google Threat Analysis Group WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-43529 was also issued in response to this report. Description: A memory corruption issue was addressed with improved validation. WebKit Bugzilla: 303614 CVE-2025-14174: Apple and Google Threat Analysis Group Additional recognition Siri We would like to acknowledge Richard Hyunho Im (@richeeta) at Route Zero Security (routezero.security) for their assistance. This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 18.7.3 and iPadOS 18.7.3". All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEhjkl+zMLNwFiCT1o4Ifiq8DH7PUFAmk8h/kACgkQ4Ifiq8DH 7PX9DA/7BweYnSf3SVhwHiUZnubExwm2ehnTqt57QH/h4bO2R5TijNta+PPy5vHS OucPqy/dGznkSuPxvutxvHsgtIgltFZv/QE2CO6Zwz9ZN0AUe16Lq0eMEkfK+hZb jGyNO5bEi1jd3Uck3zOjCfV10wWW8F3kfalfnTvtlEb5lv3RY8xlvJkBBAeSzQMT FsS+IEXqgcuI0MuhBMD/c4iVVLSQTHKr+J2LOpWEKBWkVXR6YVFZuOKWoS7dd8jd 5aCP11dqmgzJzkUug0vGxbd3GilcirEe0c5nBE6xi3NuKTXCVb2/QncCmmvinmRA HiMy1vV88D8nkrQY9/wxQlaedpA2KZ/D55wrxJ58vXWQLXx18KH3RNdJ8K8B/adA g73hwrHXXsjLSBhpHfb5Tb80zjzMaAZzd3YIYAppTMoHvC8Avv6XsIhu3Zos6qIX qfz8qVmFMOgpNtOsaZcjAJrXikpblEqgYJzaYRq0Ip1JoroIl4u/LVW65mVZp8uF WQ1bmaqUXbjATqd/Z5uVOIRM+w5Sw8WIZI+dzWtycUUOLrPBfOSC5CFcgHRgtDrG SwYl5lOPy9y8fIq/DZw+RcRbN7b0oFNjSDw6AoFSu2uFDB58hL6FW6P5dt3BkNoI R3XRfTMSnLCGCO28dBbeKZumHAgwsf7g4elV+e6jVzLydBE1l0w= =jBIt -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
