CVE-2025-43280

📊 4.7 MEDIUM⚡ 0.0%🎯 0 exploits

📅 Published Oct 15, 2025

📋 Status: Modified

The issue was resolved by not loading remote images This issue is fixed in iOS 18.6 and iPadOS 18.6. Forwarding an email could display remote images in Mail in Lockdown Mode.

CVSS v3.1 • 134c704f-9b21-4f2e-91b3-4a467353bcc0

🎯 Affected Products & Systems

2 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
💻OS	apple	ipados	< 18.6	Vulnerable	cpe:2.3:o:apple:ipados::::::::
💻OS	apple	iphone os	< 18.6	Vulnerable	cpe:2.3:o:apple:iphone_os::::::::

💻

apple / ipados

Operating System

Vulnerable

Version: < 18.6

CPE:

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

💻

apple / iphone os

Operating System

Vulnerable

Version: < 18.6

CPE:

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Metrics

4.7 MEDIUMCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Attack Vector:

NETWORK

Complexity:

LOW

Privileges:

NONE

User Interaction:

REQUIRED

Confidentiality:

LOW

Integrity:

NONE

Availability:

NONE

Scope:

CHANGED

🔍 Technical Details

Analysis Status

Modified

CVSS Details

4.7 (MEDIUM)v3.1

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

EPSS Details

0.0% (Minimal)8.3th percentile

Last updated: Oct 30, 2025

Exploitation probability within 30 days

Published Date

Oct 15, 2025 (16 days ago)

Last Modified

Oct 16, 2025 (15 days ago)

Security Weaknesses2

CWE-940

References2

NVDgeneral