CVE-2025-43520 - Vulnerability Analysis
MediumCVSS: 5.5Last Updated: March 20, 2026
Overview
A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory.
Severity & Score
Social Media Activity(8 posts)
Unfortunately it looks like https://github.com/opa334/darksword-kexploit/blob/main/src/main.m was patched in iOS 26.1b4, the exact build I happened to leave my test device on... I might play around with it on my Mac or in one of the new iOS pccvre VMs though.
View original post
There has been a lot of sloppy reporting regarding DarkSword, with basically every news outlet saying that iOS 18 is vulnerable. It’s not, if you have the latest 18.7.3. Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected. TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2). https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain #iOS #DarkSword
View original post@peternlewis sloppy reporting, as usual. Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected. TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2). https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
View original post@mackuba Google has a more in-depth analysis, with a lot more information on the specific versions of iOS that are affected. TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2). https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
View original post@helge the reporting on DarkSword is incredibly sloppy. Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected. TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2). https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
View original post@slightlyoff @owa Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected. TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2). https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
View original post@9to5Mac sloppy reporting, as usual. Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected. TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2). https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
View original post@evacide Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected. TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2). https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
View original postRelated Resources
Details
- CVE ID
- CVE-2025-43520
- Severity
- Medium
- CVSS Score
- 5.5
- EPSS
- 47.5%
- Social Posts
- 8