Description

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Weaknesses 1

Affected Products 10

References 13

• seclists.org http://seclists.org/fulldisclosure/2025/Sep/10
  Mailing ListThird Party Advisory
• seclists.org http://seclists.org/fulldisclosure/2025/Sep/14
  Mailing ListThird Party Advisory
• seclists.org http://seclists.org/fulldisclosure/2025/Sep/52
  Mailing ListThird Party Advisory
• github.com https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
  ExploitThird Party Advisory
• github.com https://github.com/cisagov/vulnrichment/issues/201
  Issue Tracking
• support.apple.com https://support.apple.com/en-us/124925
  Release NotesVendor Advisory
• support.apple.com https://support.apple.com/en-us/124926
  Release NotesVendor Advisory
• support.apple.com https://support.apple.com/en-us/124927
  Release NotesVendor Advisory
• support.apple.com https://support.apple.com/en-us/124928
  Release NotesVendor Advisory
• support.apple.com https://support.apple.com/en-us/124929
  Release NotesVendor Advisory
• support.apple.com https://support.apple.com/en-us/125141
  Release NotesVendor Advisory
• support.apple.com https://support.apple.com/en-us/125142
  Release NotesVendor Advisory
• cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300
  US Government Resource

Remediation