CVE-2025-43200
BaseFortify

Publication date: 2025-06-16

Last updated on: 2026-04-03

Assigner: Apple Inc.

Description
This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, visionOS 2.3.1, watchOS 11.3.1. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Meta Information
Published: 2025-06-16
Last Modified: 2026-04-03
Generated: 2026-05-07
AI Q&A: 2025-06-17
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 12 associated CPEs

Vendor   Product     Version / Range
apple    ipados      From 18.0 (inc) to 18.3.1 (exc)
apple    ipados      to 15.8.4 (exc)
apple    ipados      From 16.0 (inc) to 16.7.11 (exc)
apple    ipados      From 17.0 (inc) to 17.7.5 (exc)
apple    iphone_os   to 15.8.4 (exc)
apple    iphone_os   From 16.0 (inc) to 16.7.11 (inc)
apple    iphone_os   From 17.0 (inc) to 18.3.1 (inc)
apple    macos       From 14.0 (inc) to 14.7.4 (exc)
apple    macos       From 15.0 (inc) to 15.3.1 (exc)
apple    visionos    to 2.3.1 (exc)
apple    watchos     to 11.3.1 (exc)
apple    macos       From 13.0 (inc) to 13.7.4 (exc)
CWE ID: NVD-CWE-noinfo
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a logic issue that occurred when processing a maliciously crafted photo or video shared via an iCloud Link. It was addressed by improved checks in various Apple operating systems. The issue could be exploited through specially crafted media files shared via iCloud Links.


How can this vulnerability impact me?

The vulnerability could be exploited in an extremely sophisticated attack against specific targeted individuals, potentially allowing attackers to leverage the logic flaw when processing malicious media shared via iCloud Links. This could lead to unauthorized actions or compromise on affected Apple devices.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update your Apple devices to the fixed versions: watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, and macOS Sonoma 14.7.4. Until the updates are applied, avoid opening untrusted photos or videos shared via iCloud Link.

