CVE-2025-43300
Published Aug 21, 2025
Last updated 11 hours ago
AI description
CVE-2025-43300 is an out-of-bounds write vulnerability that exists within Apple's Image I/O framework. The vulnerability can be triggered when a device processes a maliciously crafted image file, which can lead to memory corruption. Successful exploitation of this vulnerability can occur when a program writes data outside of an allocated memory buffer. This can result in the program crashing, data corruption, or potentially remote code execution. Apple has addressed this issue with improved bounds checking in multiple operating systems, including iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, and macOS Ventura 13.7.8.
- Description
- An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
- Source
- product-security@apple.com
- NVD status
- Received
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
47
Apple released urgent patches for iOS, iPadOS, and macOS to fix a zero-day in the ImageIO framework (CVE-2025-43300) exploited in targeted attacks by commercial spyware vendors. #iOSPatch #MemoryCorruption #USA https://t.co/u6n7Uuracd
@TweetThreatNews
21 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple patched CVE-2025-43300, a zero-day flaw in the ImageIO framework causing memory corruption via malicious images. Updates cover iOS, iPadOS, and macOS amid ongoing targeted attacks. #ZeroDay #ImageIOFlaw #USA https://t.co/Ej0FRDjhuy
@TweetThreatNews
21 Aug 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#cybernews ▪️Росіяни використовували уразливість Cisco: https://t.co/xyPRflucbL; ▪️Apple виправила уразливість CVE-2025-43300: https://t.co/cM3Z3FhKde; ▪️Дата виходу S.T.A.L.K.E.R.2 на PS5: https://t.co/
@RHSecurity
21 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🍏 CVE-2025-43300 Apple devices hit by a zero-day in ImageIO. Malicious images may trigger memory corruption. Reported as used in targeted attacks. https://t.co/xlh9EyYjVs #Apple #CVE #ZeroDay #CyberSecurity #iOS #macOS 🔓📱 https://t.co/J3YRHjOpNC
@BaseFortify
21 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Apple just patched a zero-day (CVE-2025-43300) exploited via malicious images on iPhones, iPads & Macs. Apple says it was used in “extremely sophisticated targeted attacks.” Update now → iOS 18.6.2, iPadOS 18.6.2/17.7.10, macOS 15.6.1/14.7.8/13.7.8. https://t.co/rU2ihp
@Prevent_Cyber
21 Aug 2025
278 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks https://t.co/Isjein6gWZ https://t.co/7mKu0EOyph
@talentxfactor
21 Aug 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple just patched a critical zero-day (CVE-2025-43300) in ImageIO, actively exploited to deliver code via malicious images. If you're on iOS/iPadOS, update to 18.6.2 IMMEDIATELY! This is urgent for your security. 📱 #Cybersecurity #ZeroDay #Apple https://t.co/isBBEYVXzN
@fernandokarl
21 Aug 2025
104 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
AppleがiOS、iPadOS、macOSに影響を与えるセキュリティ上の欠陥に対するアップデートをリリース →ゼロデイのCVE-2025-43300に対応 →Appleは、勧告文で「特定の標的に対するきわめて洗練された攻撃で悪用された可能
@notChojin
21 Aug 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Apple Patches #CVE-2025-43300 Zero-Day in iOS, iPadOS, and #macOS Exploited in Targeted Attacks https://t.co/bqvScWnyGD
@ScyScan
21 Aug 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ #Apple corregge una nuova vulnerabilità zero-day (CVE-2025-43300) Aggiornare. 🔗 https://t.co/9YwkVbZcZZ https://t.co/eHJdxXs0d4
@sonoclaudio
21 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ثغرة CVE-2025-43300 ZeroDay 📸 في ImageIO: تنفيذ كود خبيث بمجرد فتح صورة 🔒 تحديثات عاجلة من Apple: iOS/iPadOS 18.6.2 + macOS 📲 حدّث جهازك فوراً لحماية بياناتك! https://t.co/qhbg1uyOhx
@Infoandtech3
21 Aug 2025
104 Impressions
1 Retweet
1 Like
1 Bookmark
1 Reply
0 Quotes
🚨CVE Alert: Critical Apple Zero-Day Vulnerability Exploited in the Wild🚨 Vulnerability Details: CVE-2025-43300 - Critical Apple Zero-Day Vulnerability Impact: A successful exploit may allow an authenticated attacker to execute arbitrary code and take full control of the
@CyberxtronTech
21 Aug 2025
10 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📌: @AmericanGreedTV | @zsk 📑: CVE-2025-43300: Apple 🪧:Can't forget us. 📍:Caffè Nero BBC World Cafe Unit G015, BBC Broadcasting House, Portland place, London, W1A 1AA 🎐 https://t.co/Ya1NsSneoH
@ntmgom
21 Aug 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Hacker News - Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks https://t.co/XMOZ92y69W
@buzz_sec
21 Aug 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple just patched a zero-day already under attack. Hackers were exploiting a malicious image bug (CVE-2025-43300) in iPhones, iPads & Macs. Apple says it was used in extremely sophisticated targeted attacks. Update now. Details ↓ https://t.co/nPVg9eR7at
@TheHackersNews
21 Aug 2025
43751 Impressions
68 Retweets
158 Likes
52 Bookmarks
0 Replies
10 Quotes
Apple's 'Extremely Sophisticated Attack' Zero-Day: How Hackers Are Exploiting CVE-2025-43300 https://t.co/APHPyV04QD https://t.co/iMCj5NCIr8
@ehxanomity
21 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL Apple macOS flaw (CVE-2025-43300): Processing a malicious image can lead to memory corruption — seen in highly targeted attacks. Patch Sonoma, Ventura, Sequoia & iOS/iPadOS now! Details: https://t.co/wIim3KBZZE... https://t.co/mhVziJ5PqY
@offseq
21 Aug 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Falha de segurança Apple (CVE-2025-43300): Atualize seu iPhone agora! https://t.co/CCHBhnQhGm
@SempreUpdate
20 Aug 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300) https://t.co/MkHR6hQ6w5 #HelpNetSecurity #Cybersecurity https://t.co/HRxUqxOArm
@PoseidonTPA
20 Aug 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
macOS Sequoia 15.6.1 / iPadOS 18.6.2 などにアップデート完了✅。 既に悪用された可能性があるというゼロデイ脆弱性 CVE-2025-43300 に対処との事。
@macmacintosh
20 Aug 2025
259 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple released emergency updates to address a zero-day vulnerability (CVE-2025-43300) in the Image I/O framework, which could lead to remote code execution. The flaw, exploited in sophisticated attacks targeting specific individuals, has been patched in iOS, iPadOS, and macOS. ht
@imghosal_45
20 Aug 2025
561 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
1 Quote
📣 EMERGENCY UPDATE 📣 Apple pushed updates for a new zero-day that may have been actively exploited. 🐛 CVE-2025-43300 (ImageIO): - iOS and iPadOS 18.6.2 - iPadOS 17.7.10 - macOS Sequoia 15.6.1 - macOS Sonoma 14.7.8 - macOS Ventura 13.7.8
@ApplSec
20 Aug 2025
2964 Impressions
5 Retweets
21 Likes
4 Bookmarks
0 Replies
2 Quotes