Apple Known Exploited Vulnerability - 20251219001¶
Overview¶
Apple have released security updates for multiple products resolving a use-after-free vulnerability in WebKit. Successful exploitation may lead to arbitrary code execution when processing maliciously crafted web content.
What is vulnerable?¶
| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
|---|---|---|---|---|
| - iOS - iPadOS - macOS - Safari |
- iOS versions prior to 26.2 and 18.7.3 - iPadOS versions prior to 26.2 and 18.7.3 - macOS versions prior to Tahoe 26.2 - Safari versions prior to 26.2 |
CVE-2025-43529 | 8.8 | High |
What has been observed?¶
CISA added this vulnerability in their Known Exploited Vulnerabilities catalog. The WASOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.
Recommendation¶
The WASOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):
- Apple Security: https://support.apple.com/en-us/100100