CVE-2025-43300
BaseFortify
Publication date: 2025-08-21
Last updated on: 2026-04-03
Assigner: Apple Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ipados | From 18.0 (inc) to 18.6.2 (exc) |
| apple | macos | From 14.0 (inc) to 14.7.8 (exc) |
| apple | macos | From 15.0 (inc) to 15.6.1 (exc) |
| apple | ipados | to 15.8.5 (exc) |
| apple | ipados | From 16.0 (inc) to 16.7.12 (exc) |
| apple | iphone_os | to 15.8.5 (exc) |
| apple | iphone_os | From 16.0 (inc) to 16.7.12 (exc) |
| apple | ipados | From 17.0 (inc) to 17.7.10 (exc) |
| apple | iphone_os | From 17.0 (inc) to 18.6.2 (exc) |
| apple | macos | From 13.0 (inc) to 13.7.8 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds write issue that occurs due to insufficient bounds checking when processing image files. A maliciously crafted image file can trigger memory corruption, potentially allowing an attacker to execute arbitrary code or cause a system crash.
How can this vulnerability impact me?
If exploited, this vulnerability can lead to memory corruption which may allow attackers to execute arbitrary code, compromise system integrity, or cause denial of service. It has been reported to be used in highly sophisticated attacks targeting specific individuals.
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update affected Apple operating systems to the fixed versions: macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2, and iPadOS 18.6.2.