Headline
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file. "Apple is aware of a report that this issue may have been exploited in an
Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild.
The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file.
“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals,” the company said.
Since then, WhatsApp has acknowledged that a vulnerability in its messaging apps for Apple iOS and macOS (CVE-2025-55177, CVSS score: 5.4) had been chained with CVE-2025-43300 as part of highly-targeted spyware attacks aimed at less than 200 individuals.
While the shortcoming was first addressed by the iPhone maker late last month with the release of iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Ventura 13.7.8, macOS Sonoma 14.7.8, and macOS Sequoia 15.6.1, it has also been released for the following older versions -
- iOS 16.7.12 and iPadOS 16.7.12 - iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
- iOS 15.8.5 and iPadOS 15.8.5 - iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
The updates have been rolled out alongside iOS 26, iPadOS 26, iOS 18.7, iPadOS 18.7, macOS Tahoe 26, macOS Sequoia 15.7, macOS Sonoma 14.8, tvOS 26, visionOS 26, watchOS 26, Safari 26, and Xcode 26, which also address a number of other security flaws -
- CVE-2025-31255 - An authorization vulnerability in IOKit that could allow an app to access sensitive data
- CVE-2025-43362 - A vulnerability in LaunchServices that could allow an app to monitor keystrokes without user permission
- CVE-2025-43329 - A permissions vulnerability in Sandbox that could allow an app to break out of its sandbox
- CVE-2025-31254 - A vulnerability in Safari that could result in unexpected URL redirection when processing maliciously crafted web content
- CVE-2025-43272 - A vulnerability in WebKit that could result in unexpected Safari crash when processing maliciously crafted web content
- CVE-2025-43285 - A permissions vulnerability in AppSandbox that could allow an app to access protected user data
- CVE-2025-43349 - An out-of-bounds write issue in CoreAudio that could result in unexpected app termination when processing a maliciously crafted video file
- CVE-2025-43316 - A permissions vulnerability in DiskArbitration that could allow an app to gain root privileges
- CVE-2025-43297 - A type confusion vulnerability in Power Management that could result in a denial-of-service
- CVE-2025-43204 - A vulnerability in RemoteViewServices that could allow an app to break out of its sandbox
- CVE-2025-43358 - A permissions vulnerability in Shortcuts that could allow a shortcut to bypass sandbox restrictions
- CVE-2025-43333 - A permissions vulnerability in Spotlight that could allow an app to gain root privileges
- CVE-2025-43304 - A race condition vulnerability in StorageKit that could allow an app to gain root privileges
- CVE-2025-48384 - A Git vulnerability in Xcode that could result in remote code execution when cloning a maliciously crafted repository
While there is no evidence that any of the aforementioned flaws have been weaponized in real-world attacks, it’s always a good practice to keep systems up-to-date for optimal protection.
Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
Related news
Samsung patched CVE-2025-21043, a critical flaw in its Android devices exploited in live attacks. Users urged to install September 2025 update.
Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France (CERT-FR). The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county that at least one of the devices linked to their iCloud accounts may have been compromised as part
Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France (CERT-FR). The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county that at least one of the devices linked to their iCloud accounts may have been compromised as part
Bill takes thoughtful look at the transition from summer camp to grind season, explores the importance of mental health and reflects on AI psychiatry.
CISA updates its KEV List with TP-Link Wi-Fi extender and WhatsApp spyware flaws, urging users and agencies to…
CISA updates its KEV List with TP-Link Wi-Fi extender and WhatsApp spyware flaws, urging users and agencies to…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain
WhatsApp has patched a vulnerability that was used in conjunction with an Apple vulnerability in zero-click attacks.
WhatsApp has patched a vulnerability that was used in conjunction with an Apple vulnerability in zero-click attacks.
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large
WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The…
WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The…
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the
CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal agencies must…
This week, Joe encourages you to find your community in cybersecurity and make the effort to grow, network and hack stuff together.
A list of topics we covered in the week of August 18 to August 24 of 2025
Apple fixes CVE-2025-43300, a flaw letting hackers hijack devices via malicious images. Users urged to update iPhone, iPad,…
Apple has released security updates to patch a zero-day vulnerability tracked as CVE-2025-43300 for all platforms
July Linux Patch Wednesday. This time, there are 470 vulnerabilities, slightly fewer than in June. Of these, 291 are in the Linux Kernel. One vulnerability shows signs of being exploited in the wild (CISA KEV): 🔻 SFB – Chromium (CVE-2025-6554) There are also 36 (❗️) vulnerabilities for which public exploits are available or suspected to […]