CVE-2025-43300

Warnung

Medienbericht

Exploit

EPSS 0.95%
Veröffentlicht 21.08.2025 00:27:21
Zuletzt bearbeitet 26.11.2025 16:21:19
Quelle product-security@apple.com
CVE-Watchlists
Login
Unerledigt
Login

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Betroffene Produkte Warnungen 1 Metriken 2 CWE 1 Referenzen 13

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ iPadOS Version < 15.8.5

Apple ≫ iPadOS Version >= 16.0 < 16.7.12

Apple ≫ iPadOS Version >= 18.0 < 18.6.2

Apple ≫ iPhone OS Version < 15.8.5

Apple ≫ iPhone OS Version >= 16.0 < 16.7.12

Apple ≫ iPhone OS Version >= 18.0 < 18.6.2

Apple ≫ macOS Version < 13.7.8

21.08.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog

Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability

Schwachstelle

Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework.

Beschreibung

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen