CVE-2025-43300

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

CVSS v3 10.0 CRITICAL

10.0^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://support.apple.com/en-us/124925	Release Notes Vendor Advisory
https://support.apple.com/en-us/124926	Release Notes Vendor Advisory
https://support.apple.com/en-us/124927	Release Notes Vendor Advisory
https://support.apple.com/en-us/124928	Release Notes Vendor Advisory
https://support.apple.com/en-us/124929	Release Notes Vendor Advisory
https://support.apple.com/en-us/125141	Release Notes Vendor Advisory
https://support.apple.com/en-us/125142	Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2025/Sep/10	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Sep/14	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2025/Sep/52	Mailing List Third Party Advisory
https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md	Exploit Third Party Advisory
https://github.com/cisagov/vulnrichment/issues/201	Issue Tracking
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::

History

03 Apr 2026, 14:28

Type	Values Removed	Values Added
References	~~() https://support.apple.com/en-us/124925 -~~	() https://support.apple.com/en-us/124925 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/124926 -~~	() https://support.apple.com/en-us/124926 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/124927 -~~	() https://support.apple.com/en-us/124927 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/124928 -~~	() https://support.apple.com/en-us/124928 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/124929 -~~	() https://support.apple.com/en-us/124929 - Release Notes, Vendor Advisory

02 Apr 2026, 19:20

Type	Values Removed	Values Added
References		() https://support.apple.com/en-us/124925 - () https://support.apple.com/en-us/124926 - () https://support.apple.com/en-us/124927 - () https://support.apple.com/en-us/124928 - () https://support.apple.com/en-us/124929 -
Summary	(en) An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.	(en) An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

26 Nov 2025, 16:21

Type	Values Removed	Values Added
References	~~() https://github.com/cisagov/vulnrichment/issues/201 -~~	() https://github.com/cisagov/vulnrichment/issues/201 - Issue Tracking

26 Nov 2025, 14:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 10.0
References		() https://github.com/cisagov/vulnrichment/issues/201 -

06 Nov 2025, 14:52

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2025/Sep/10 -~~	() http://seclists.org/fulldisclosure/2025/Sep/10 - Mailing List, Third Party Advisory

04 Nov 2025, 22:16

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/Sep/10 -

04 Nov 2025, 16:23

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2025/Sep/14 -~~	() http://seclists.org/fulldisclosure/2025/Sep/14 - Mailing List, Third Party Advisory
References	~~() http://seclists.org/fulldisclosure/2025/Sep/52 -~~	() http://seclists.org/fulldisclosure/2025/Sep/52 - Mailing List, Third Party Advisory
First Time		Apple macos
CPE		cpe:2.3:o:apple:macos::::::::

03 Nov 2025, 20:19

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/Sep/14 -

03 Nov 2025, 19:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2025/Sep/52 -

23 Oct 2025, 18:04

Type	Values Removed	Values Added
References	~~() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300 -~~	() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300 - US Government Resource

21 Oct 2025, 23:17

Type	Values Removed	Values Added
References		() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300 -

21 Oct 2025, 20:20

Type	Values Removed	Values Added
References	~~{'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300', 'source': '134c704f-9b21-4f2e-91b3-4a467353bcc0'}~~

21 Oct 2025, 19:21

Type	Values Removed	Values Added
References		() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300 -
References	~~() https://support.apple.com/en-us/125141 - Vendor Advisory, Release Notes~~	() https://support.apple.com/en-us/125141 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/125142 - Vendor Advisory, Release Notes~~	() https://support.apple.com/en-us/125142 - Release Notes, Vendor Advisory

16 Sep 2025, 14:08

Type	Values Removed	Values Added
References	~~() https://support.apple.com/en-us/125141 -~~	() https://support.apple.com/en-us/125141 - Vendor Advisory, Release Notes
References	~~() https://support.apple.com/en-us/125142 -~~	() https://support.apple.com/en-us/125142 - Vendor Advisory, Release Notes
References	~~() https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md - Exploit~~	() https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md - Exploit, Third Party Advisory
CPE	cpe:2.3:o:apple:macos::::::::

15 Sep 2025, 23:15

Type	Values Removed	Values Added
Summary	(en) An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.	(en) An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
References	~~{'url': 'https://support.apple.com/en-us/124925', 'tags': ['Release Notes', 'Vendor Advisory'], 'source': 'product-security@apple.com'}~~ ~~{'url': 'https://support.apple.com/en-us/124926', 'tags': ['Release Notes', 'Vendor Advisory'], 'source': 'product-security@apple.com'}~~ ~~{'url': 'https://support.apple.com/en-us/124927', 'tags': ['Release Notes', 'Vendor Advisory'], 'source': 'product-security@apple.com'}~~ ~~{'url': 'https://support.apple.com/en-us/124928', 'tags': ['Release Notes', 'Vendor Advisory'], 'source': 'product-security@apple.com'}~~ ~~{'url': 'https://support.apple.com/en-us/124929', 'tags': ['Release Notes', 'Vendor Advisory'], 'source': 'product-security@apple.com'}~~	() https://support.apple.com/en-us/125141 - () https://support.apple.com/en-us/125142 -

26 Aug 2025, 14:47

Type	Values Removed	Values Added
References	~~() https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md -~~	() https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md - Exploit

26 Aug 2025, 05:15

Type	Values Removed	Values Added
References		() https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md -

22 Aug 2025, 18:52

Type	Values Removed	Values Added
References	~~() https://support.apple.com/en-us/124925 -~~	() https://support.apple.com/en-us/124925 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/124926 -~~	() https://support.apple.com/en-us/124926 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/124927 -~~	() https://support.apple.com/en-us/124927 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/124928 -~~	() https://support.apple.com/en-us/124928 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/124929 -~~	() https://support.apple.com/en-us/124929 - Release Notes, Vendor Advisory
CPE		cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:macos::::::::
First Time		Apple ipados Apple iphone Os Apple macos Apple

21 Aug 2025, 14:15

Type	Values Removed	Values Added
Summary		(es) Se solucionó un problema de escritura fuera de los límites mejorando la comprobación de los límites. Este problema se solucionó en macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 y iPadOS 18.6.2. Procesar un archivo de imagen malicioso puede provocar daños en la memoria. Apple tiene conocimiento de un informe que indica que este problema podría haber sido explotado en un ataque extremadamente sofisticado contra individuos específicos.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CWE		CWE-787

21 Aug 2025, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-21 01:15

Updated : 2026-04-03 14:28

NVD link : CVE-2025-43300

Mitre link : CVE-2025-43300

CVE.ORG link : CVE-2025-43300

JSON object : View

Products Affected

apple

iphone_os
ipados
macos

CWE

CWE-787

Out-of-bounds Write

10.0 /10