Apple addressed a zero-day vulnerability (CVE-2025-43300) in iOS, iPadOS, and macOS that could lead to memory corruption through malicious images. The fix came after reports of sophisticated exploits targeting specific individuals. #CVE202543300 #AppleVulnerability
Keypoints
- The CVE-2025-43300 flaw is an out-of-bounds write issue in Appleβs ImageIO framework.
- Exploitation of this vulnerability could cause memory corruption on affected devices.
- Apple released security updates for iOS 18.6.2, iPadOS 18.6.2, macOS Ventura 13.7.8, macOS Sonoma 14.7.8, and macOS Sequoia 15.6.1.
- Federal agencies are mandated to fix this vulnerability by September 11, 2025, according to CISA directives.
- Experts advise organizations to review and address vulnerabilities listed in the KEV catalog to protect their infrastructure.