CVE-2025-43200

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-43200 is a vulnerability related to how Apple devices process maliciously crafted photos or videos shared via iCloud Link. A logic issue existed that could be exploited through a zero-click attack, meaning it could be triggered without any user interaction. Apple has acknowledged that this vulnerability may have been used in targeted attacks against specific individuals. The vulnerability was addressed with improved checks in iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1, and visionOS 2.3.1, released on February 10, 2025. Citizen Lab has found forensic evidence that this vulnerability was leveraged to deploy Paragon's Graphite spyware against journalists.

Description
-

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. Citizen Lab confirmed Paragon Solutions used Graphite spyware to target journalists via iMessage zero click exploit CVE-2025-43200. The silent hack gains root access, spying on camera, mic & data without user action. Media & rights defenders are at high risk. #CyberSecuri

    @SalimRootsec

    15 Jun 2025

    11 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 📱🔓 **New Alert in #CyberSecurity!** 🌐 Zero-click attacks on iOS are on the rise! The latest threat? Graphite spyware exploiting CVE-2025-43200! 🔍📲 Protect your devices before #malware takes control. Stay informed, stay secure!

    @WideWatchers

    15 Jun 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Apple patched a zero-click vulnerability (CVE-2025-43200) in its Messages app exploited to deploy Paragon's Graphite spyware, developed by an Israeli private sector offensive actor (PSOA). https://t.co/vgzkff6i1x

    @WalkureARCH

    14 Jun 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. New zero-click iOS exploit (CVE-2025-43200) just patched in iOS 18.3.1. Used to drop Paragon spyware on journalists’ phones via nothing more than a photo or video message. No tap, no click. If you haven’t updated yet, do it now. #infosec #zeroclick #iOS https://t.co/rWN0lvD2

    @jon_w_chapman

    14 Jun 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite mercenary spyware, Citizen Lab researchers have revealed on Thursday. #cybersecurity https://t.co/1FrQgG8m2

    @cybertzar

    14 Jun 2025

    41 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Actively exploited CVE : CVE-2025-43200

    @transilienceai

    13 Jun 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. Apple patched a zero-click flaw (CVE-2025-43200) in iOS 18.3.1 exploited to install Paragon Graphite spyware on European journalists' iPhones. Highlights the need for swift security updates against advanced threats. 📱🔒 #iOS #Spyware #Europe https://t.co/78pdQcFbdP

    @TweetThreatNews

    13 Jun 2025

    96 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200) https://t.co/vENYeLqGla #HelpNetSecurity #Cybersecurity https://t.co/ySTmRwUHeB

    @PoseidonTPA

    13 Jun 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. #iOS zero-click attacks used to deliver #Graphite #spyware (CVE-2025-43200) https://t.co/0KtTN6vB2R

    @ScyScan

    13 Jun 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware Apple patched CVE-2025-43200, a zero-click Messages flaw exploited to deploy Paragon’s Graphite spyware against journalists, including Ciro Pellegrino. The vulnerability, fixed in February

    @dCypherIO

    13 Jun 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🗞️ Paragon’s Graphite spyware exploited a zero-day iOS flaw (CVE-2025-43200) via iMessage to target journalists’ iPhones in zero-click attacks. Apple patched the vulnerability in iOS 18.3.1, urging users to update immediately to prevent espionage. Key takeaways: 🧵 h

    @gossy_84

    13 Jun 2025

    81 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. Security Alert: Apple patched a zero-click flaw (CVE-2025-43200) in Messages, exploited to spy on journalists with Paragon Graphite spyware. This bug, fixed in Feb 2025 updates, let attackers infect devices via iCloud links without interaction. Logistics firms using iOS devices h

    @tony3266

    13 Jun 2025

    88 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Apple Quietly Patches iOS Zero-Day (CVE-2025-43200) Exploited by Israeli Spyware Targeting Journalists https://t.co/wLfY3gwThh

    @the_yellow_fall

    13 Jun 2025

    232 Impressions

    2 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Apple patched a critical Messages flaw (CVE-2025-43200) exploited in zero-click attacks on European journalists by state-sponsored spyware Paragon using Graphite. Victims remained unaware of spyware. 🛡️ #AppleSecurity #ParagonSpyware #Europe https://t.co/ps4V8icRvl

    @TweetThreatNews

    13 Jun 2025

    39 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  15. Paragon’s Graphite mercenary spyware. IOS #Forensics iMessage CVE-2025-43200 IOC: "BIGPRETZEL" 46.183.184[.]91(EDIS Global) https://t.co/sotqPTltvu https://t.co/hTkOd0HrIt

    @blackorbird

    13 Jun 2025

    2388 Impressions

    5 Retweets

    19 Likes

    11 Bookmarks

    0 Replies

    1 Quote

  16. Paragon’s Graphite mercenary spyware. IOS #Forensics iMessage CVE-2025-43200 "BIGPRETZEL" https://t.co/sotqPTltvu https://t.co/TJn9Z2WneL

    @blackorbird

    13 Jun 2025

    90 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  17. イスラエル企業Paragonが、iPhoneのゼロデイ脆弱性(CVE-2025-43200)を悪用し、スパイウェア「Graphite」でヨーロッパのジャーナリスト複数名を標的にしていたことが発覚 https://t.co/1rgVmv1KT8 @nikkeimatomeより

    @nikkeimatome

    13 Jun 2025

    84 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. iPhoneのゼロデイ脆弱性CVE-2025-43200を悪用してParagon社のGraphiteスパイウェアが欧州のジャーナリスト複数名に対して使用されていた。Citizen Lab報告。イタリア政府によるGraphiteの使用は既報で、同国政府はParagon社

    @__kokumoto

    12 Jun 2025

    1251 Impressions

    2 Retweets

    14 Likes

    5 Bookmarks

    0 Replies

    1 Quote

  19. zero-click attack deployed in these cases was mitigated as of iOS 18.3.1. If you need writeup or Source code send me dm It’s still working in iOS 17 and 18.1 That's #CVE-2025-43200 for the curious. Make sure to keep your iPhones up to date. https://t.co/okywpS1qYq https:

    @minacrissDev_

    12 Jun 2025

    642 Impressions

    0 Retweets

    1 Like

    2 Bookmarks

    0 Replies

    0 Quotes

  20. European journalists targeted with Paragon spyware via zero-click iOS attack exploiting CVE-2025-43200. Links to Graphite infrastructure raise concerns over government transparency. 🇮🇹🔍 #Spyware #Journalism #Italy https://t.co/SOxzeLZ4P0

    @TweetThreatNews

    12 Jun 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.