Apple has released patches for a critical zero-day vulnerability, CVE-2025-43300, affecting iOS, iPadOS, and macOS. This flaw, which has been actively exploited in the wild, was disclosed on August 21, 2025, and is listed in the Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, rated with a maximum CVSS score of 10, involves an out-of-bounds write issue that could allow attackers to execute arbitrary code on affected devices.
The vulnerability was exploited in highly sophisticated attacks, targeting users through maliciously crafted image files. The exploitation of this zero-day was detected before its public disclosure, marking it as a true zero-day with a time-to-exploit of zero days. This underscores the urgency for users to apply the available patches immediately.
Apple has addressed the issue by improving bounds checking in its software. The patches are available for multiple versions of iOS and iPadOS, including 15.8.5, 16.7.12, 17.7.10, and 18.6.2, as well as macOS versions Sequoia 15.6.1, Sonoma 14.7.8, and Ventura 13.7.8. Users are strongly advised to update their devices to these versions to mitigate the risk of exploitation.
The exploitation of CVE-2025-43300 has been linked to targeted attacks, although specific threat actors have not been publicly named. The availability of at least seven proof-of-concept exploits highlights the ease with which attackers could leverage this vulnerability if devices remain unpatched.
Security experts emphasize the critical nature of this vulnerability, given its potential impact and the sophistication of the attacks observed. The flaw's inclusion in the KEV catalog further stresses its significance, as it indicates a high likelihood of continued exploitation if left unaddressed.
Organizations and individuals using Apple devices should prioritize patching to protect against potential breaches. Security teams should verify that all devices are updated to the latest software versions and monitor for any signs of compromise related to this vulnerability. Additionally, users should remain vigilant against suspicious emails or messages that could serve as vectors for delivering malicious payloads exploiting this flaw.
CSURFACE