CVE-2025-43407

HIGH

iPadOS < 26.1 - Improper Access Control via Sandbox Escape

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-43407. PoCs published by mranonymous234.

AI-analyzed exploit summary The repository contains a GitHub Actions workflow for building an iOS IPA but lacks actual exploit code or technical details about CVE-2025-43407. It appears to be a placeholder or lure for downloading a pre-built artifact.

Description

This issue was addressed with improved entitlements. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. An app may be able to break out of its sandbox.

Exploits (1)

nomisec SUSPICIOUS

by mranonymous234 · poc

https://github.com/mranonymous234/Sandbox-Escape-iOS-18.0-26.0

View Code ZIP pw:eip

The repository contains a GitHub Actions workflow for building an iOS IPA but lacks actual exploit code or technical details about CVE-2025-43407. It appears to be a placeholder or lure for downloading a pre-built artifact.

Classification

Suspicious 90%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: iOS 18.0-26.0

No auth needed

Prerequisites: iOS device for sideloading · GitHub Actions access

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Apr 09, 2026 Full analysis →

References (7)

Core 7

Core References

https://support.apple.com/en-us/125633

Vendor Advisory

https://support.apple.com/en-us/125634