4.3 CVE-2025-43392
The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. A website may exfiltrate image data cross-origin.
https://nvd.nist.gov/vuln/detail/CVE-2025-43392
Categories
CWE-942 : Permissive Cross-domain Security Policy with Untrusted Domains
The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate.
Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.).
Define a restrictive Content Security Policy [REF-1486] or cross-domain policy file.
Avoid using wildcards in the CSP / cross-domain policy file. Any domain matching the wildcard expression will be implicitly trusted, and can perform two-way interaction with the target server.
For Flash, modify crossdomain.xml to use meta-policy options such as 'master-only' or 'none' to reduce the possibility of an attacker planting extraneous cross-domain policy files on a server.
Product has a Silverlight cross-domain policy that does not restrict access to another application, which allows remote attackers to bypass the Same Origin Policy.
The default Flash Cross Domain policies in a product allow remote attackers to access user files.
Chain: Adobe Flash Player does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
Chain: Adobe Flash Player and earlier does not properly interpret policy files, which allows remote attackers to bypass a non-root domain policy.
Chain: Adobe Flash Player does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors.
References
product-security@apple.com
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | | |
| cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* | < 26.1 | |
| cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* | < 26.1 | |
| cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* | < 26.1 | |
| cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* | < 26.1 | |
| cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* | < 26.1 | |
| cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* | < 26.1 | |
REMEDIATION
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | | | |
POC Github
| Url |
|---|
| No known exploits |
Other Nist (github, ...)
| Url |
|---|
| No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | | |
