🟢 CVE-2025-43529

CVE-2025-43529 is a use-after-free vulnerability in WebKit that affects client applications (Safari browser, iOS/iPadOS, tvOS, visionOS) when processing malicious web content. While actively exploited and on CISA KEV, this requires user interaction to visit malicious websites rather than direct exploitation of internet-facing servers.

← Back to Overview
LOW_RISK
Risk Level
9.8
CVSS Score
NETWORK
Attack Vector
Initial Access
ATT&CK Tactic
T1189 — Drive-by Compromise
ATT&CK Technique
LOW
Deployment Risk
No
Ransomware

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: USER_INTERACTION

CVE Published: 2025-12-17

Added to CISA KEV: 2025-12-15 0 DAY BETWEEN CVE AND KEV

🎯 Recommendations:

🔍 Web Intelligence (Kagi · 2025-12-17)

Here's what is known about the CVE-2025-43529 vulnerability exploitation:

  • Description: CVE-2025-43529 is a use-after-free vulnerability that exists in WebKit [2][3].
  • Impact: Successful exploitation could lead to arbitrary code execution when processing maliciously crafted web content [1][2].
  • Attack Vectors and Exploitation Method: An attacker can exploit this vulnerability by processing maliciously crafted web content [1][2]. The vulnerability is exploited through WebKit, the browser engine used by Safari and other applications [1][10].
  • Internet-Facing Applications/Services: The vulnerability exists in WebKit, making it likely to affect internet-facing applications that utilize this engine [2][3].
  • Active Exploitation: Apple is aware of reports that this issue has been actively exploited in targeted attacks [1][8].
  • Targeted Attacks: CVE-2025-43529 has been exploited in "extremely sophisticated attacks against specific targeted individuals" [6][8]. These attacks targeted specific iPhone users running iOS versions prior to 26 [9].
  • CISA Known Exploited Vulnerabilities (KEV) Status: CISA has added CVE-2025-43529 to its KEV catalog, indicating that it is a known exploited vulnerability and requires immediate attention [5][7]. They have set a deadline of January 5, 2026, for organizations to patch the vulnerability [3].
  • Technical Details/Exploitability: The vulnerability is considered easy to exploit remotely, without requiring authentication, but requires user interaction [4]. An exploit is available, with an estimated price between $25,000 and $100,000 [4]. The CVSSv3.1 score is 9.8 out of 10 [1]. The vulnerability was addressed with improved memory management [2].

Sources

  1. Zero‑Day Vulnerabilities in Apple WebKit | Cyber Security Agency of...

    CVE-2025-43529 has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10. Impact. Successful exploitation of the vulnerabilities could lead to the following: CVE‑2025‑43529: A use‑after‑free issue in WebKit that may allow remote code execution when processing maliciously crafted we…

  2. CVE-2025-43529 – Qualys ThreatPROTECT

    Tracked as CVE-2025-43529, the use-after-free vulnerability exists in WebKit. An attacker may exploit the vulnerability by processing maliciously crafted web content, leading to arbitrary code execution. The vulnerability was addressed with improved memory management.

  3. CVE-2025-43529 Apple iOS/iPadOS WebKit use after free (ID 125884)

    This vulnerability is traded as CVE-2025-43529. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. Successful exploitation requires user interaction by the victim. Technical details are unknown but an expl…

  4. Apple Warns of Zero-day Vulnerability Exploited in Attack (CVE-2025-43529)

    CISA added the CVE-2025-43529 to its Known Exploited Vulnerabilities Catalog, urging users to patch the vulnerability before January 5, 2026. Apple also addressed a recent Chrome zero-day vulnerability that Google had patched. CVE-2025-41474 is a memory corruption flaw in WebKit.

  5. CISA Adds Two Known Exploited Vulnerabilities to Catalog

    CVE-2025-43529 Apple Multiple Products Use-After-Free WebKit Vulnerability. These types of vulnerabilities are frequent attack vectors for ...Read more…

Generated by PatchNow Intelligence System

Analysis based on CIRCL.LU data, Claude AI assessment, and MITRE ATT&CK framework

📄 Download JSON Data | 📡 RSS Feed