Apple Products Remote Code Execution Vulnerability

Release Date: 21 Aug 2025

RISK: High Risk

TYPE: Operating Systems - Mobile & Apps

A vulnerability has been identified in Apple Products. A remote attacker could exploit this vulnerability to trigger remote code execution and denial of service condition on the targeted system.

 

Note:

CVE-2025-43300 may have been exploited in an extremely sophisticated attack against specific targeted individuals. This vulnerability is caused by an out-of-bounds write weakness discovered by Apple security researchers in the Image I/O framework, which enables applications to read and write most image file formats. Hence the risk level is rated to High Risk.

---

Impact

• Remote Code Execution
• Denial of Service

---

System / Technologies affected

• Versions prior to iPadOS 17.7.10
• Versions prior to iOS 18.6.2 and iPadOS 18.6.2
• Versions prior to macOS Sequoia 15.6.1
• Versions prior to macOS Sonoma 14.7.8
• Versions prior to macOS Ventura 13.7.8

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• iPadOS 17.7.10  
• iOS 18.6.2 and iPadOS 18.6.2  
• macOS Sequoia 15.6.1  
• macOS Sonoma 14.7.8  
• macOS Ventura 13.7.8  

---

Vulnerability Identifier

• CVE-2025-43300

---

Source

• Apple

---

Related Link

• https://support.apple.com/en-us/124925
• https://support.apple.com/en-us/124926
• https://support.apple.com/en-us/124927
• https://support.apple.com/en-us/124928
• https://support.apple.com/en-us/124929