Back to KEVs

CVE-2025-43300

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and...

Basic Information

CVE State
PUBLISHED
Reserved Date
April 16, 2025
Published Date
August 21, 2025
Last Updated
April 02, 2026
Vendor
Apple
Product
iOS and iPadOS, iPadOS, macOS
Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Tags
cisa

CVSS Scores

CVSS v3.1

10.0 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC Information

Exploitation
active
Automatable
Yes
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2026-06-01 10:39:18 UTC) Source

References

https://support.apple.com/en-us/124925 https://support.apple.com/en-us/124926 https://support.apple.com/en-us/124927 https://support.apple.com/en-us/124928 https://support.apple.com/en-us/124929 https://support.apple.com/en-us/125141 https://support.apple.com/en-us/125142

Known Exploited Vulnerability Information

Source Added Date
CVE 2026-06-01 10:39:18 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel