Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks
Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks — Aug 21, 2025Ravie LakshmananVulnerability / Zero-Day [https:
What’s new: Apple has released security updates to address a zero-day vulnerability, tracked as CVE-2025-43300, affecting iOS, iPadOS, and macOS. This out-of-bounds write vulnerability in the ImageIO framework can lead to memory corruption when processing malicious images and has been exploited in targeted attacks.
Who’s affected
The vulnerability impacts the following versions:
- iOS 18.6.2 and iPadOS 18.6.2 (iPhone XS and later, iPad Pro 13-inch and later, iPad Air 3rd generation and later, iPad 7th generation and later, iPad mini 5th generation and later)
- iPadOS 17.7.10 (iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, iPad 6th generation)
- macOS Ventura 13.7.8 (Macs running macOS Ventura)
- macOS Sonoma 14.7.8 (Macs running macOS Sonoma)
- macOS Sequoia 15.6.1 (Macs running macOS Sequoia)
What to do
- Update to the latest versions of iOS, iPadOS, and macOS as soon as possible to mitigate the risk associated with this vulnerability.
