First published 20 October 2025
CVSS:3.1: 8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A security vulnerability has been found in Webkit, a web browser engine used in IGEL OS. This affects the following product versions:
-
IGEL OS 12
-
IGEL OS 11
Details
It has been discovered that processing maliciously crafted web content with Webkit may lead to an unexpected process crash. This is known as CVE-2025-43343 and is rated as critical by CISA. IGEL downgrades the rating to high for the IGEL OS context, because there, Webkit is only used to access well-known URLs and not arbitrary web content.
Update Instructions
-
OS 12: Update to the OS 12 base system app in version 12.7.4 or newer when available from the IGEL App Portal.
-
OS 11: Update to IGEL OS version 11.11.100 when available.
References
-
CVE-2025-43343 at NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43343