CVE-2025-43300

Published Aug 21, 2025

Last updated 9 days ago

Exploit knownCVSS critical 10.0
Apple
macOS Sonoma

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-43300 is an out-of-bounds write vulnerability that exists within Apple's Image I/O framework. The vulnerability can be triggered when a device processes a maliciously crafted image file, which can lead to memory corruption. Successful exploitation of this vulnerability can occur when a program writes data outside of an allocated memory buffer. This can result in the program crashing, data corruption, or potentially remote code execution. Apple has addressed this issue with improved bounds checking in multiple operating systems, including iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, and macOS Ventura 13.7.8.

Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Source
product-security@apple.com
NVD status
Analyzed
Products
ipados, iphone_os, macos

Insights

Analysis from the Intruder Security Team
Published Aug 26, 2025 Updated Aug 26, 2025

Researchers have been analysing the patch and have been able to trigger the crash within the iOS JPEG lossless decompression within RawCamera.bundle. Some git repositories with the results of their analysis have been made public here and here.

According to Apple, this issue has been "exploited in an extremely sophisticated attack against specific targeted individuals". A vulnerability of this nature takes significant resources to develop. As such, this is extremely valuable to threat actors where some vulnerability brokers would pay up to $15 million for a working proof-of-concept for this type of attack. Therefore we can assume widespread exploitation has not happened, but with the progress researchers have been making it will only be a matter of time before that happens. Patches should be applied immediately.

Risk scores

CVSS 3.1

Type
Secondary
Base score
10
Impact score
6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Exploit added on
Aug 21, 2025
Exploit action due
Sep 11, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-787

Social media

Hype score
Not currently trending

  1. (CVE-2025-21075, similar to CVE-2025-43300 in Apple's RawImage DNG decoder)[Samsung][DNG]QuramDng invalid LossyJpeg component assumption -> OOBW https://t.co/jTCQemHHlW Reported by Brendon Tiszka(https://t.co/RrgNOJhx7i)

    @xvonfers

    4 Dec 2025

    3266 Impressions

    4 Retweets

    34 Likes

    12 Bookmarks

    1 Reply

    1 Quote

  2. We triggered WhatsApp 0-click on iOS/macOS/iPadOS. CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300. Analysis of Samsung CVE-2025-21043 is also ongoing. h

    @minacrissDev_

    4 Nov 2025

    339 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Founder of OneKey: Update your software on iOS and macOS to the latest version (❗️) as soon as possible – Apple has discovered a critical zero-day vulnerability. CVE-2025-43300 is already being actively exploited by hackers: it’s enough to open a specially crafted image

    @RolfecryptoSig

    25 Oct 2025

    3 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. [Research] ImageIO: iOS/macOS DNG Image Processing Memory Corruption (en) This post summarizes CVE-2025-43300, an OOB write in ImageIO’s DNG lossless decoder. I cover dyld cache diffs, the vulnerable CDNGLosslessJpegUnpacker path, and the patch (CMPhoto/CVPixelBuffer + size ht

    @hackyboiz

    23 Oct 2025

    6872 Impressions

    16 Retweets

    78 Likes

    39 Bookmarks

    0 Replies

    1 Quote

  5. Contact us for assistance #BTC #ETH #BNB    #MOON #HarvestMoon #NEAR #MeteorWallet #Meteor SBNB #XRP #SOL RECOVER...Apple backports a critical fix for CVE-2025-43300—already used in a sophisticated spyware attack. https://t.co/MsCNUvDR0q

    @carlcyber1

    21 Oct 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. The National Computer Emergency Response Team (NCERT) has alerted about a serious security flaw found in Apple’s ImageIO framework, identified as CVE-2025-43300. Read story: https://t.co/Aet9liI5rd #iphones #filesecurity

    @theasianmirror3

    20 Oct 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Contact us for assistance #BTC #ETH #BNB    #MOON #HarvestMoon #NEAR #MeteorWallet #Meteor SBNB #XRP #SOL RECOVER...Apple backports a critical fix for CVE-2025-43300—already used in a sophisticated spyware attack. 🕵️‍♂️ Scammers chained it with a WhatsApp flaw

    @LegitHackserver

    13 Oct 2025

    13 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Contact us for assistance #BTC #ETH #BNB #MOON #HarvestMoon #NEAR #MeteorWallet #Meteor SBNB #XRP #SOL RECOVER...Apple backports a critical fix for CVE-2025-43300—already used in a sophisticated spyware attack. 🕵️‍♂️ Scammers chained it with a WhatsApp flaw to targe

    @Shadows_hacker

    13 Oct 2025

    92 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. واتساب فيه ثغرة خطيرة 0-click «لا حاجة للنقر على شيء» على أجهزة أبل (iPhone, iPad, Mac): باحثون من مجموعة DarkNavyOrg بيّنوا طريقة استغلال ثغرتين — CVE-2025-55177 وCVE-2025-43300 — عن ط

    @cyber_shockry

    11 Oct 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 📱 Critical zero-click vulnerability (CVE-2025-55177) within WhatsApp has been leveraged in targeted spyware operations, in conjunction with an Apple Imagel0 flaw (CVE-2025-43300). https://t.co/r4LJmGQBz1

    @AiKalki

    6 Oct 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  11. ALERTA: WhatsApp 0-Click Vulnerability CVE-2025-55177 & CVE-2025-43300 https://t.co/QGsPiOcXwm

    @WMJenny24

    5 Oct 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  12. تحذير مديرية الأمن السيبراني في وزارة الداخلية عن عن ثغرة واتساب “Zero Click” جاء متأخراً شهراً كاملاً بعد إصلاحها (CVE-2025-55177 و CVE-2025-43300). واتساب أصلحتها في شهر

    @fadhil79

    3 Oct 2025

    5407 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. ⚠️ Weekly vuln radar from https://t.co/8RzyA4nEyg: CVE-2024-3400 (@stevenadair) CVE-2025-24132 CVE-2025-43300 CVE-2025-5777 CVE-2025-55177 CVE-2023-34044 (@pr0Ln) CVE-2023-20870 CVE-2025-10035 CVE-2025-20333 https://t.co/Z18UZ0WhOF

    @ptdbugs

    3 Oct 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Actively exploited CVE : CVE-2025-43300

    @transilienceai

    1 Oct 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. 🕵‍♂WhatsApp: 0-Click RCE por DNG malicioso • Investigadores publicaron PoC que combina dos vulnerabilidades (CVE-2025-55177 y CVE-2025-43300) permitiendo ejecución remota sin interacción en iOS/macOS/iPadOS. • El exploit se entrega mediante un archivo DNG malformado

    @HackingTeam777

    30 Sept 2025

    9238 Impressions

    51 Retweets

    219 Likes

    112 Bookmarks

    2 Replies

    2 Quotes

  16. 🚨 CVE-2025-55177 & CVE-2025-43300: WhatsApp 0-Click Crash CVE-2025-43300 GitHub: https://t.co/hmBnaQ0yxK https://t.co/Z69ge6FzNx

    @DarkWebInformer

    30 Sept 2025

    8255 Impressions

    24 Retweets

    118 Likes

    62 Bookmarks

    1 Reply

    0 Quotes

  17. CVE-2025-43300 Test Does the web browser support dng on PS5 PS4 https://t.co/wJoU9rJHt6 https://t.co/28PWB3AYN8

    @master_s9

    30 Sept 2025

    3930 Impressions

    6 Retweets

    44 Likes

    6 Bookmarks

    14 Replies

    1 Quote

  18. 🚨 Zero-click RCE in WhatsApp: A malicious DNG image can exploit Apple devices (iOS/macOS/iPadOS) via CVE-2025-55177 & CVE-2025-43300. PoC shows a compromise on receipt with no user action. Patch ASAP; avoid unexpected media. #cybersecurity #WhatsApp https://t.co/kHZLjqtrRr

    @AJTheTech

    29 Sept 2025

    165 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  19. ثغرَة 0-click في واتساب على iOS/macOS/iPadOS تُستغل عبر ملف DNG خبيث (CVE-2025-55177 & CVE-2025-43300) 🐞📸. PoC من باحثي DarkNavyOrg يُظهر تنفيذ كود عن بُعد بدون تفاعل — قد يتيح استيلاء ك

    @Infoandtech3

    29 Sept 2025

    117 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  20. We triggered WhatsApp 0-click on iOS/macOS/iPadOS. CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300. Analysis of Samsung CVE-2025-21043 is also ongoing. h

    @minacrissDev_

    29 Sept 2025

    2208 Impressions

    1 Retweet

    27 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  21. BREAKING: WhatsApp zero-click vuln (CVE-2025-55177 & CVE-2025-43300) exploited via malicious DNG files, enabling RCE on iOS/macOS/iPadOS. No user interaction needed! Patch now. Source: @The_Cyber_News https://t.co/osGMrTK9dw #CyberSec #WhatsApp

    @meet_cipher

    29 Sept 2025

    1443 Impressions

    0 Retweets

    7 Likes

    3 Bookmarks

    0 Replies

    1 Quote

  22. Actively exploited CVE : CVE-2025-43300

    @transilienceai

    29 Sept 2025

    63 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  23. Triggered WhatsApp 0-click on iOS/macOS/iPadOS CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300. Analysis of Samsung CVE-2025-21043 is also ongoing https:

    @zeeshankghouri

    29 Sept 2025

    95 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. El grupo DarkNavy anunció la explotación de una vulnerabilidad 0-click en WhatsApp, vinculada al CVE-2025-55177 y CVE-2025-43300 por fallas en validación y parsing DNG. También investigan un CVE en Samsung (2025-21043). https://t.co/1MO3mN9Px7

    @tpx_Security

    29 Sept 2025

    256 Impressions

    1 Retweet

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. We triggered WhatsApp 0-click on iOS/macOS/iPadOS. CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300. Analysis of Samsung CVE-2025-21043 is also ongoing. h

    @DarkNavyOrg

    28 Sept 2025

    73783 Impressions

    138 Retweets

    640 Likes

    316 Bookmarks

    6 Replies

    12 Quotes

  26. While reproducing the iOS ITW CVE-2025-43300 (https://t.co/xTk39FuOSi), we accidentally triggered another old DNG image parsing vulnerability. The analysis is still ongoing. https://t.co/mn04P5uu8d

    @minacrissDev_

    24 Sept 2025

    1652 Impressions

    1 Retweet

    14 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  27. Actively exploited CVE : CVE-2025-43300

    @transilienceai

    24 Sept 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  28. The two bytes that make size matter: Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix,

    @minacrissDev_

    21 Sept 2025

    1263 Impressions

    0 Retweets

    7 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  29. اپل برای آسیب پذیری با کد شناسایی CVE-2025-43300 که برای iPhone و iPad های قدیمی منتشر شده بود ، پچ لازم را منتشر نمود. این آسیب پذیری از نوع memory corruption بوده و باعث اجرای

    @AmirHossein_sec

    18 Sept 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. Urgent Steps Needed to Protect Your Apple Devices (CVE-2025-43300) Apple has recently addressed a serious security flaw affecting its macOS and iPadOS systems. ... https://t.co/refJ0l6A42

    @ThreatS95726

    17 Sept 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. Apple backports zero-day patches to older iPhones and iPads (CVE-2025-43300) https://t.co/mR1SyXNrnr #patchmanagement

    @eyalestrin

    17 Sept 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. Apple implementa un parche retroactivo para la vulnerabilidad CVE-2025-43300, explotada activamente. 👉 https://t.co/jxDO8EaPUi https://t.co/1ncBgpVNgI

    @EnigmaSecurity_

    17 Sept 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. 😊 Apple has released a retroactive patch for the actively exploited vulnerability CVE-2025-43300. 🔒 👉 https://t.co/jxDO8EaPUi https://t.co/zZSYjmBhFk

    @EnigmaSecurity_

    17 Sept 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. AppleがCVE-2025-43300の修正をバックポートしスパイウェア攻撃に対応 https://t.co/fAET85NAlC #Security #セキュリティー #ニュース

    @SecureShield_

    17 Sept 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. Apple releases critical security updates addressing CVE-2025-43300 exploited in targeted spyware attacks. Update your devices now to stay protected. Link: https://t.co/V0iQzuPNmn #Apple #Security #Update #Spyware #Devices #Protection #Vulnerability #Patch #Technology #Safety #iOS

    @dailytechonx

    16 Sept 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. Apple backported fixes for a recently patched security flaw that has been actively exploited in the wild. CVE-2025-43300 out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file. https://t.co/8vegRnotGc https

    @riskigy

    16 Sept 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. Apple releases updates fixing CVE-2025-43300, a critical ImageIO flaw exploited in targeted attacks causing memory corruption (CVSS 8.8). Patches cover iOS 18.6.2, macOS 13.7.8, and legacy devices. #CVE2025 #ImageIO #USA https://t.co/DirRiYZKGh

    @TweetThreatNews

    16 Sept 2025

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. CVE-2025-43300: Apple Issues Backported Fix After Spyware Exploitation #Apple #iOSUpdate #MacSecurity #CVE202543300 #SpywareAttack #CyberSecurity #DataProtection #iPhoneUpdate #ZeroDay #SecurityPatch https://t.co/SgrSMqF3eo

    @cyashadotcom

    16 Sept 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. اپل روز دوشنبه اقدام به انتشار وصله‌های امنیتی برای آسیب‌پذیری CVE-2025-43300 (امتیاز CVSS: 8.8) کرد که به‌طور فعال در حملات پیچیده مورد سوءاستفاده قرار گرفته است.

    @Teeegra

    16 Sept 2025

    1955 Impressions

    2 Retweets

    10 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. 🛡 Apple backports patch for CVE-2025-43300—closing the WhatsApp exploit chain used against a handful of high-profile targets. Targeted spyware doesn’t yell. It whispers. #Apple #WhatsApp #ZeroDay #InfoSec

    @Wh1teCoon

    16 Sept 2025

    462 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. Apple a publié des mises à jour de sécurité afin d'intégrer les correctifs publiés le mois dernier pour les anciens modèles d'iPhone et d'iPad, corrigeant ainsi une zero-day (CVE-2025-43300) qui a été exploitée dans des attaques extrêmement sophistiquées https://t.co/

    @cert_ist

    16 Sept 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. Apple backports a critical fix for CVE-2025-43300—already used in a sophisticated spyware attack. 🕵️‍♂️ Hackers chained it with a WhatsApp flaw to target fewer than 200 people. 📱 Older iPhones & Macs are now patched—don’t skip this update. https://t.co/3

    @Nokaduta

    16 Sept 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack! Apple patched a serious vulnerability (CVE-2025-43300) in its ImageIO component — used in a spyware campaign targeting less than 200 individuals. The flaw allowed memory corruption via a malicio

    @ChbibAnas

    16 Sept 2025

    17 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  44. #Apple Backports Fix for #CVE-2025-43300 #Exploited in Sophisticated Spyware Attack https://t.co/WkgZFr39eT

    @ScyScan

    16 Sept 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack. Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability... https://t.co/VmL7e7bRTO #InceptusSecure #UnderOurProtection

    @Inceptus3

    16 Sept 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. Apple backports fix for critical CVE-2025-43300 ImageIO flaw actively exploited by sophisticated spyware. Update your devices! 🚨 https://t.co/icaUf0NrSv #AppleSecurity #CVE202543300 #Cybersecurity #Spyware

    @0xT3chn0m4nc3r

    16 Sept 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack https://t.co/e2fnGqgIjZ https://t.co/ZmAz8dSlin

    @RigneySec

    16 Sept 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. 📌 أصدرت أبل إصلاحات لخطر أمني حديث يُعرف بـ CVE-2025-43300، والذي تم استغلاله في هجوم تجسسي معقد. يتعلق الخلل بكتابة خارج الحدود في مكون ImageIO، مما قد يؤدي إلى تل

    @Cybercachear

    16 Sept 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. Apple backports a critical fix for CVE-2025-43300—already used in a sophisticated spyware attack. 🕵️‍♂️ Hackers chained it with a WhatsApp flaw to target fewer than 200 people. 📱 Older iPhones & Macs are now patched—don’t skip this update. Details → h

    @TheHackersNews

    16 Sept 2025

    13116 Impressions

    35 Retweets

    81 Likes

    15 Bookmarks

    1 Reply

    3 Quotes

  50. uD83D uDCE3 EMERGENCY UPDATE uD83D uDCE3 Apple pushed additional updates for a zero-day that may have been actively exploited. uD83D uDC1B CVE-2025-43300 (ImageIO) additional patches: - iOS and iPadOS 15.8.5 - iOS and iPadOS 16.7.12 https://t.co/xtaZeZl4Yf

    @BarbaraBen46365

    15 Sept 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.