
CVE-2025-43362: An app may be able to monitor keystrokes without user permission in Apple iOS and iPadOS

Critical
Published: Mon Sep 15 2025 (09/15/2025, 22:35:18 UTC)
Source: CVE Database V5
Vendor/Project: Apple
Product: iOS and iPadOS

Description

The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes without user permission.

AI-Powered Analysis

Last updated: 09/16/2025, 00:25:00 UTC

Technical Analysis

CVE-2025-43362 is a vulnerability in Apple's iOS and iPadOS in which a malicious application may be able to monitor user keystrokes without obtaining explicit user permission. The root cause is insufficient permission checks in the OS, which allow an app to capture keyboard input covertly. Unauthorized keystroke monitoring can expose sensitive information entered via the device keyboard, including passwords, personal messages, credit card numbers, and other confidential data. Apple addressed the issue with improved permission checks; the fix ships in iOS 18.7 and iPadOS 18.7, and in iOS 26 and iPadOS 26. The affected versions are not specified in the advisory but presumably include all releases prior to these patches. At the time of publication there were no known exploits in the wild and no CVSS score had been assigned. Exploitation requires no user interaction and no authentication beyond installing or running a malicious app. The vulnerability is a significant privacy and security risk because it undermines the app permission trust model on Apple mobile devices.

Potential Impact

For European organizations, this vulnerability poses a serious threat to data confidentiality and user privacy. Organizations that rely on iOS and iPadOS devices for sensitive communications, remote work, or handling personal data face data leakage risks if employees install malicious apps or if attackers distribute compromised applications through third-party channels. Capturing keystrokes without permission could lead to credential theft, unauthorized access to corporate resources, and leakage of personally identifiable information (PII) protected under GDPR, with consequent regulatory fines, reputational damage, and operational disruption. Sectors such as finance, healthcare, government, and critical infrastructure in Europe are particularly exposed because of the sensitivity of the data they handle and the regulatory environment. Because the keystroke monitoring is covert, it is difficult to detect, which increases the risk of prolonged, undetected data exfiltration.

Mitigation Recommendations

European organizations should prioritize upgrading all iOS and iPadOS devices to version 18.7, 26, or later as soon as these updates are available. Device management policies should enforce mandatory OS updates and restrict installation of apps from untrusted sources, including disabling sideloading where possible. Use Mobile Device Management (MDM) to monitor and control app installations and permissions. Audit installed applications regularly and watch for unusual app behavior indicative of keystroke logging. Educate users about the risks of installing unverified apps and the importance of applying system updates promptly. Implement network-level monitoring to detect anomalous outbound traffic that could indicate data exfiltration. For highly sensitive environments, consider restricting the use of iOS/iPadOS devices or deploying additional endpoint protection capable of detecting keylogging behavior.


Technical Details

Data Version: 5.1
Assigner Short Name: apple
Date Reserved: 2025-04-16T15:24:37.112Z
CVSS Version: null
State: PUBLISHED

Threat ID: 68c8aa70ee2781683eebd7c1

Added to database: 9/16/2025, 12:08:16 AM

Last enriched: 9/16/2025, 12:25:00 AM

Last updated: 9/19/2025, 9:01:33 AM
