CVE-2025-43200

Warnung

Medienbericht

EPSS 0.14%
Veröffentlicht 16.06.2025 21:36:25
Zuletzt bearbeitet 17.06.2025 15:52:31
Quelle product-security@apple.com
Teams Watchlist Login
Unerledigt Login

This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Betroffene Produkte Warnungen 1 Metriken 2 CWE 0 Referenzen 15

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ iPadOS Version < 15.8.4

Apple ≫ iPadOS Version >= 16.0 < 16.7.11

Apple ≫ iPadOS Version >= 17.0 < 17.7.5

Apple ≫ iPadOS Version >= 18.0 < 18.3.1

Apple ≫ iPhone OS Version < 15.8.4

Apple ≫ iPhone OS Version >= 16.0 <= 16.7.11

Apple ≫ iPhone OS Version >= 17.0 <= 18.3.1

Apple ≫ macOS Version < 13.7.4

Apple ≫ macOS Version >= 14.0 < 14.7.4

Apple ≫ macOS Version >= 15.0 < 15.3.1

Apple ≫ visionOS Version < 2.3.1

Apple ≫ watchOS Version < 11.3.1

16.06.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog

Apple Multiple Products Unspecified Vulnerability

Schwachstelle

Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously crafted photo or video shared via an iCloud Link.

Beschreibung

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen