CVE-2025-43537
MEDIUMiPadOS < 18.7.5 - Path Traversal via Malicious Backup File
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2025-43537. PoCs published by hawkeye-bd.
AI-analyzed exploit summary This repository documents the responsible disclosure of CVE-2025-43537, a path handling issue in Apple's Books component. It includes vulnerability details, timeline, and references to Apple's security advisory but does not contain exploit code or technical deep dive.
Description
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2. Restoring a maliciously crafted backup file may lead to modification of protected system files.
Exploits (1)
This repository documents the responsible disclosure of CVE-2025-43537, a path handling issue in Apple's Books component. It includes vulnerability details, timeline, and references to Apple's security advisory but does not contain exploit code or technical deep dive.
References (2)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N