CVE-2025-43300

Published Aug 21, 2025

Last updated 21 days ago

Exploit knownCVSS high 8.8
Apple
macOS Sonoma

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-43300 is an out-of-bounds write vulnerability that exists within Apple's Image I/O framework. The vulnerability can be triggered when a device processes a maliciously crafted image file, which can lead to memory corruption. Successful exploitation of this vulnerability can occur when a program writes data outside of an allocated memory buffer. This can result in the program crashing, data corruption, or potentially remote code execution. Apple has addressed this issue with improved bounds checking in multiple operating systems, including iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, and macOS Ventura 13.7.8.

Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Source
product-security@apple.com
NVD status
Analyzed
Products
ipados, iphone_os

Insights

Analysis from the Intruder Security Team
Published Aug 26, 2025 Updated Aug 26, 2025

Researchers have been analysing the patch and have been able to trigger the crash within the iOS JPEG lossless decompression within RawCamera.bundle. Some git repositories with the results of their analysis have been made public here and here.

According to Apple, this issue has been "exploited in an extremely sophisticated attack against specific targeted individuals". A vulnerability of this nature takes significant resources to develop. As such, this is extremely valuable to threat actors where some vulnerability brokers would pay up to $15 million for a working proof-of-concept for this type of attack. Therefore we can assume widespread exploitation has not happened, but with the progress researchers have been making it will only be a matter of time before that happens. Patches should be applied immediately.

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Exploit added on
Aug 21, 2025
Exploit action due
Sep 11, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-787

Social media

Hype score
Not currently trending

  1. 📱 Critical zero-click vulnerability (CVE-2025-55177) within WhatsApp has been leveraged in targeted spyware operations, in conjunction with an Apple Imagel0 flaw (CVE-2025-43300). https://t.co/r4LJmGQBz1

    @AiKalki

    6 Oct 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. ALERTA: WhatsApp 0-Click Vulnerability CVE-2025-55177 & CVE-2025-43300 https://t.co/QGsPiOcXwm

    @WMJenny24

    5 Oct 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  3. تحذير مديرية الأمن السيبراني في وزارة الداخلية عن عن ثغرة واتساب “Zero Click” جاء متأخراً شهراً كاملاً بعد إصلاحها (CVE-2025-55177 و CVE-2025-43300). واتساب أصلحتها في شهر

    @fadhil79

    3 Oct 2025

    5407 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️ Weekly vuln radar from https://t.co/8RzyA4nEyg: CVE-2024-3400 (@stevenadair) CVE-2025-24132 CVE-2025-43300 CVE-2025-5777 CVE-2025-55177 CVE-2023-34044 (@pr0Ln) CVE-2023-20870 CVE-2025-10035 CVE-2025-20333 https://t.co/Z18UZ0WhOF

    @ptdbugs

    3 Oct 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Actively exploited CVE : CVE-2025-43300

    @transilienceai

    1 Oct 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🕵‍♂WhatsApp: 0-Click RCE por DNG malicioso • Investigadores publicaron PoC que combina dos vulnerabilidades (CVE-2025-55177 y CVE-2025-43300) permitiendo ejecución remota sin interacción en iOS/macOS/iPadOS. • El exploit se entrega mediante un archivo DNG malformado

    @HackingTeam777

    30 Sept 2025

    9238 Impressions

    51 Retweets

    219 Likes

    112 Bookmarks

    2 Replies

    2 Quotes

  7. 🚨 CVE-2025-55177 & CVE-2025-43300: WhatsApp 0-Click Crash CVE-2025-43300 GitHub: https://t.co/hmBnaQ0yxK https://t.co/Z69ge6FzNx

    @DarkWebInformer

    30 Sept 2025

    8255 Impressions

    24 Retweets

    118 Likes

    62 Bookmarks

    1 Reply

    0 Quotes

  8. CVE-2025-43300 Test Does the web browser support dng on PS5 PS4 https://t.co/wJoU9rJHt6 https://t.co/28PWB3AYN8

    @master_s9

    30 Sept 2025

    3930 Impressions

    6 Retweets

    44 Likes

    6 Bookmarks

    14 Replies

    1 Quote

  9. 🚨 Zero-click RCE in WhatsApp: A malicious DNG image can exploit Apple devices (iOS/macOS/iPadOS) via CVE-2025-55177 & CVE-2025-43300. PoC shows a compromise on receipt with no user action. Patch ASAP; avoid unexpected media. #cybersecurity #WhatsApp https://t.co/kHZLjqtrRr

    @AJTheTech

    29 Sept 2025

    165 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  10. ثغرَة 0-click في واتساب على iOS/macOS/iPadOS تُستغل عبر ملف DNG خبيث (CVE-2025-55177 & CVE-2025-43300) 🐞📸. PoC من باحثي DarkNavyOrg يُظهر تنفيذ كود عن بُعد بدون تفاعل — قد يتيح استيلاء ك

    @Infoandtech3

    29 Sept 2025

    117 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  11. We triggered WhatsApp 0-click on iOS/macOS/iPadOS. CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300. Analysis of Samsung CVE-2025-21043 is also ongoing. h

    @minacrissDev_

    29 Sept 2025

    2208 Impressions

    1 Retweet

    27 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  12. BREAKING: WhatsApp zero-click vuln (CVE-2025-55177 & CVE-2025-43300) exploited via malicious DNG files, enabling RCE on iOS/macOS/iPadOS. No user interaction needed! Patch now. Source: @The_Cyber_News https://t.co/osGMrTK9dw #CyberSec #WhatsApp

    @shekhardotin

    29 Sept 2025

    1443 Impressions

    0 Retweets

    7 Likes

    3 Bookmarks

    0 Replies

    1 Quote

  13. Actively exploited CVE : CVE-2025-43300

    @transilienceai

    29 Sept 2025

    63 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  14. Triggered WhatsApp 0-click on iOS/macOS/iPadOS CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300. Analysis of Samsung CVE-2025-21043 is also ongoing https:

    @zeeshankghouri

    29 Sept 2025

    95 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. El grupo DarkNavy anunció la explotación de una vulnerabilidad 0-click en WhatsApp, vinculada al CVE-2025-55177 y CVE-2025-43300 por fallas en validación y parsing DNG. También investigan un CVE en Samsung (2025-21043). https://t.co/1MO3mN9Px7

    @tpx_Security

    29 Sept 2025

    256 Impressions

    1 Retweet

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. We triggered WhatsApp 0-click on iOS/macOS/iPadOS. CVE-2025-55177 arises from missing validation that the [Redacted] message originates from a linked device, enabling specially crafted DNG parsing that triggers CVE-2025-43300. Analysis of Samsung CVE-2025-21043 is also ongoing. h

    @DarkNavyOrg

    28 Sept 2025

    73783 Impressions

    138 Retweets

    640 Likes

    316 Bookmarks

    6 Replies

    12 Quotes

  17. While reproducing the iOS ITW CVE-2025-43300 (https://t.co/xTk39FuOSi), we accidentally triggered another old DNG image parsing vulnerability. The analysis is still ongoing. https://t.co/mn04P5uu8d

    @minacrissDev_

    24 Sept 2025

    1652 Impressions

    1 Retweet

    14 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  18. Actively exploited CVE : CVE-2025-43300

    @transilienceai

    24 Sept 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  19. The two bytes that make size matter: Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix,

    @minacrissDev_

    21 Sept 2025

    1263 Impressions

    0 Retweets

    7 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  20. اپل برای آسیب پذیری با کد شناسایی CVE-2025-43300 که برای iPhone و iPad های قدیمی منتشر شده بود ، پچ لازم را منتشر نمود. این آسیب پذیری از نوع memory corruption بوده و باعث اجرای

    @AmirHossein_sec

    18 Sept 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. Urgent Steps Needed to Protect Your Apple Devices (CVE-2025-43300) Apple has recently addressed a serious security flaw affecting its macOS and iPadOS systems. ... https://t.co/refJ0l6A42

    @ThreatS95726

    17 Sept 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. Apple backports zero-day patches to older iPhones and iPads (CVE-2025-43300) https://t.co/mR1SyXNrnr #patchmanagement

    @eyalestrin

    17 Sept 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Apple implementa un parche retroactivo para la vulnerabilidad CVE-2025-43300, explotada activamente. 👉 https://t.co/jxDO8EaPUi https://t.co/1ncBgpVNgI

    @EnigmaSecurity_

    17 Sept 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. 😊 Apple has released a retroactive patch for the actively exploited vulnerability CVE-2025-43300. 🔒 👉 https://t.co/jxDO8EaPUi https://t.co/zZSYjmBhFk

    @EnigmaSecurity_

    17 Sept 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. AppleがCVE-2025-43300の修正をバックポートしスパイウェア攻撃に対応 https://t.co/fAET85NAlC #Security #セキュリティー #ニュース

    @SecureShield_

    17 Sept 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. Apple releases critical security updates addressing CVE-2025-43300 exploited in targeted spyware attacks. Update your devices now to stay protected. Link: https://t.co/V0iQzuPNmn #Apple #Security #Update #Spyware #Devices #Protection #Vulnerability #Patch #Technology #Safety #iOS

    @dailytechonx

    16 Sept 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Apple backported fixes for a recently patched security flaw that has been actively exploited in the wild. CVE-2025-43300 out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file. https://t.co/8vegRnotGc https

    @riskigy

    16 Sept 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. Apple releases updates fixing CVE-2025-43300, a critical ImageIO flaw exploited in targeted attacks causing memory corruption (CVSS 8.8). Patches cover iOS 18.6.2, macOS 13.7.8, and legacy devices. #CVE2025 #ImageIO #USA https://t.co/DirRiYZKGh

    @TweetThreatNews

    16 Sept 2025

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. CVE-2025-43300: Apple Issues Backported Fix After Spyware Exploitation #Apple #iOSUpdate #MacSecurity #CVE202543300 #SpywareAttack #CyberSecurity #DataProtection #iPhoneUpdate #ZeroDay #SecurityPatch https://t.co/SgrSMqF3eo

    @cyashadotcom

    16 Sept 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. اپل روز دوشنبه اقدام به انتشار وصله‌های امنیتی برای آسیب‌پذیری CVE-2025-43300 (امتیاز CVSS: 8.8) کرد که به‌طور فعال در حملات پیچیده مورد سوءاستفاده قرار گرفته است.

    @Teeegra

    16 Sept 2025

    1955 Impressions

    2 Retweets

    10 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. 🛡 Apple backports patch for CVE-2025-43300—closing the WhatsApp exploit chain used against a handful of high-profile targets. Targeted spyware doesn’t yell. It whispers. #Apple #WhatsApp #ZeroDay #InfoSec

    @Wh1teCoon

    16 Sept 2025

    462 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. Apple a publié des mises à jour de sécurité afin d'intégrer les correctifs publiés le mois dernier pour les anciens modèles d'iPhone et d'iPad, corrigeant ainsi une zero-day (CVE-2025-43300) qui a été exploitée dans des attaques extrêmement sophistiquées https://t.co/

    @cert_ist

    16 Sept 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. Apple backports a critical fix for CVE-2025-43300—already used in a sophisticated spyware attack. 🕵️‍♂️ Hackers chained it with a WhatsApp flaw to target fewer than 200 people. 📱 Older iPhones & Macs are now patched—don’t skip this update. https://t.co/3

    @Nokaduta

    16 Sept 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack! Apple patched a serious vulnerability (CVE-2025-43300) in its ImageIO component — used in a spyware campaign targeting less than 200 individuals. The flaw allowed memory corruption via a malicio

    @ChbibAnas

    16 Sept 2025

    17 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  35. #Apple Backports Fix for #CVE-2025-43300 #Exploited in Sophisticated Spyware Attack https://t.co/WkgZFr39eT

    @ScyScan

    16 Sept 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack. Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability... https://t.co/VmL7e7bRTO #InceptusSecure #UnderOurProtection

    @Inceptus3

    16 Sept 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. Apple backports fix for critical CVE-2025-43300 ImageIO flaw actively exploited by sophisticated spyware. Update your devices! 🚨 https://t.co/icaUf0NrSv #AppleSecurity #CVE202543300 #Cybersecurity #Spyware

    @0xT3chn0m4nc3r

    16 Sept 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack https://t.co/e2fnGqgIjZ https://t.co/ZmAz8dSlin

    @RigneySec

    16 Sept 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. 📌 أصدرت أبل إصلاحات لخطر أمني حديث يُعرف بـ CVE-2025-43300، والذي تم استغلاله في هجوم تجسسي معقد. يتعلق الخلل بكتابة خارج الحدود في مكون ImageIO، مما قد يؤدي إلى تل

    @Cybercachear

    16 Sept 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. Apple backports a critical fix for CVE-2025-43300—already used in a sophisticated spyware attack. 🕵️‍♂️ Hackers chained it with a WhatsApp flaw to target fewer than 200 people. 📱 Older iPhones & Macs are now patched—don’t skip this update. Details → h

    @TheHackersNews

    16 Sept 2025

    13116 Impressions

    35 Retweets

    81 Likes

    15 Bookmarks

    1 Reply

    3 Quotes

  41. uD83D uDCE3 EMERGENCY UPDATE uD83D uDCE3 Apple pushed additional updates for a zero-day that may have been actively exploited. uD83D uDC1B CVE-2025-43300 (ImageIO) additional patches: - iOS and iPadOS 15.8.5 - iOS and iPadOS 16.7.12 https://t.co/xtaZeZl4Yf

    @BarbaraBen46365

    15 Sept 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. 🚨 APT ALERT 🍏🕵️‍♂️ • Mercenary spyware hitting Apple devices via zero-days (CVE-2025-43300, CVE-2025-55177) ⚡ • Targets: activists, journalists & government officials 🎯 • Action: Enable Lockdown Mode, check Apple alerts & patch ASAP 🔒 High

    @Newtalics

    13 Sept 2025

    94 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  43. iOS DNG image RawCamera parsing (CVE-2025-43300) recent used whatsapp 0click. https://t.co/1wjBL5DyA6 ( Repo included others relevant image format parser as well, look pretty auditable! ) https://t.co/SLNuXP1vXp

    @minacrissDev_

    13 Sept 2025

    1023 Impressions

    2 Retweets

    11 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  44. This is the iOS DNG image RawCamera parsing (CVE-2025-43300) recent used whatsapp 0click. https://t.co/FpsKb0nzkl ( Repo included others relevant image format parser as well, look pretty auditable! ) https://t.co/NsfnoqytnZ

    @__suto

    13 Sept 2025

    13028 Impressions

    27 Retweets

    208 Likes

    111 Bookmarks

    4 Replies

    1 Quote

  45. CVE-2025-43300 This is the exploit used in the current A12+ bypass. Still researching how it’s used.

    @iosnemes1s

    11 Sept 2025

    7204 Impressions

    7 Retweets

    83 Likes

    29 Bookmarks

    4 Replies

    0 Quotes

  46. Quarkslabによる(実際の攻撃に悪用されていた)iOSゼロクリック脆弱性 CVE-2025-43300のパッチ解析📖 ImageIO(RawCamera.bundle)の境界チェック不備を突かれ、悪意ある画像でメモリ破壊→RCE。 AppleはiOS18.6.2/macOS各版で修

    @yamatosecurity

    10 Sept 2025

    1993 Impressions

    2 Retweets

    10 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  47. CVE-2025-43300 is a zero-click out-of-bounds write vulnerability in the ImageIO framework when processing DNG images with JPEG lossless compression. Apple's patch fixes the issue by adding bounds checking to prevent writes beyond allocated memory, #security #vulnerability

    @bigmacd16684

    9 Sept 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. CVE-2025-43300 Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability: Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework.

    @ZeroDayFacts

    8 Sept 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter https://t.co/wNM5mGC8Tk

    @Dinosn

    7 Sept 2025

    2183 Impressions

    0 Retweets

    14 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  50. Reverse engineering of Apple's iOS 0-click CVE-2025-43300 https://t.co/rGOL9w5ehz

    @AnoluMikky

    7 Sept 2025

    64 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.