CVE-2025-43300

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-43300
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://support.apple.com/en-us/124925 Release Notes Vendor Advisory
https://support.apple.com/en-us/124926 Release Notes Vendor Advisory
https://support.apple.com/en-us/124927 Release Notes Vendor Advisory
https://support.apple.com/en-us/124928 Release Notes Vendor Advisory
https://support.apple.com/en-us/124929 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
History

22 Aug 2025, 18:52

Type Values Removed Values Added
CPE cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
First Time Apple ipados
Apple iphone Os
Apple macos
Apple
References () https://support.apple.com/en-us/124925 - () https://support.apple.com/en-us/124925 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/124926 - () https://support.apple.com/en-us/124926 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/124927 - () https://support.apple.com/en-us/124927 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/124928 - () https://support.apple.com/en-us/124928 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/124929 - () https://support.apple.com/en-us/124929 - Release Notes, Vendor Advisory

21 Aug 2025, 14:15

Type Values Removed Values Added
Summary
  • (es) Se solucionó un problema de escritura fuera de los límites mejorando la comprobación de los límites. Este problema se solucionó en macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 y iPadOS 18.6.2. Procesar un archivo de imagen malicioso puede provocar daños en la memoria. Apple tiene conocimiento de un informe que indica que este problema podría haber sido explotado en un ataque extremadamente sofisticado contra individuos específicos.
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.8
CWE CWE-787

21 Aug 2025, 01:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-21 01:15

Updated : 2025-08-22 18:52

NVD link : CVE-2025-43300

Mitre link : CVE-2025-43300

CVE.ORG link : CVE-2025-43300

JSON object : View

Products Affected

apple

  • iphone_os
  • ipados
  • macos
CWE
CWE-787

Out-of-bounds Write