CVE-2025-43537

MEDIUM

iPadOS < 18.7.5 - Path Traversal via Malicious Backup File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-43537. PoCs published by hawkeye-bd.

AI-analyzed exploit summary This repository documents the responsible disclosure of CVE-2025-43537, a path handling issue in Apple's Books component. It includes vulnerability details, timeline, and references to Apple's security advisory but does not contain exploit code or technical deep dive.

Description

A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2. Restoring a maliciously crafted backup file may lead to modification of protected system files.

Exploits (1)

github WRITEUP
by hawkeye-bd · poc
https://github.com/hawkeye-bd/CVE-2025-43537

This repository documents the responsible disclosure of CVE-2025-43537, a path handling issue in Apple's Books component. It includes vulnerability details, timeline, and references to Apple's security advisory but does not contain exploit code or technical deep dive.

Classification
Writeup 100%
Attack Type
Other
Complexity
N/a
Reliability
N/a
Target: Apple Books (iOS 26.2, iPadOS 26.2)
No auth needed
mistral-large-3 · analyzed Jun 08, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 5.5
EPSS 0.0047
EPSS Percentile 37.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-22
Status published
Products (4)
Apple/iOS and iPadOS < 18.7.5
Apple/iOS and iPadOS < 26.2
apple/ipados < 18.7.5
apple/iphone_os < 18.7.5
Published Feb 11, 2026
Tracked Since Feb 18, 2026