MUST READ

Apple backports fix for actively exploited CVE-2025-43300

 | 

New supply chain attack hits npm registry, compromising 40+ packages

 | 

Cybercrime group accessed Google Law Enforcement Request System (LERS)

 | 

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

 | 

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

 | 

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

 | 

Fairmont Federal Credit Union 2023 data breach impacted 187K people

 | 

UK ICO finds students behind majority of school data breaches

 | 

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

 | 

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ShinyHunters Attack National Credit Information Center of Vietnam

 | 

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

 | 

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

 | 

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Apple backports fix for actively exploited CVE-2025-43300

Pierluigi Paganini September 17, 2025

Apple announced it has backported patches for a recently addressed actively exploited vulnerability tracked as CVE-2025-43300.

Apple has backported security patches released to address an actively exploited vulnerability tracked as CVE-2025-43300.

In August 2025, Apple addressed the actively exploited zero-day CVE-2025-43300 in iOS, iPadOS, and macOS. The vulnerability is zero-day out-of-bounds write issue that resides in the ImageIO framework, an attacker could exploit it to cause memory corruption when processing a malicious image.

“Processing a malicious image file may result in memory corruption.” reads the advisory published by the tech giant. “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

The company fixed the problem with improved bounds checking. Apple released the following updates to fix the issue:

  • iOS 18.6.2 and iPadOS 18.6.2 – iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
  • iPadOS 17.7.10 – iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
  • macOS Ventura 13.7.8 – Mac systems running macOS Ventura
  • macOS Sonoma 14.7.8 – Macs systems running macOS Sonoma
  • macOS Sequoia 15.6.1 – Macs systems running macOS Sequoia

As usual, the company did not share technical details about the attacks exploiting this vulnerability.

WhatsApp recently confirmed attackers chained CVE-2025-55177 with CVE-2025-43300 in spyware campaigns targeting fewer than 200 people. Apple patched the flaws in recent iOS, iPadOS, and macOS updates, including older versions.

Below are the updates released by Apple to address the issue:

  • iOS 16.7.12 and iPadOS 16.7.12 – iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
  • iOS 15.8.5 and iPadOS 15.8.5 – iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, CVE-2025-43300)

Apple CVE-2025-43300 Hacking hacking news information security news IT Information Security Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini September 16, 2025
New supply chain attack hits npm registry, compromising 40+ packages
Read more
Pierluigi Paganini September 16, 2025
Cybercrime group accessed Google Law Enforcement Request System (LERS)
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Apple backports fix for actively exploited CVE-2025-43300

Security / September 17, 2025

New supply chain attack hits npm registry, compromising 40+ packages

Malware / September 16, 2025

Cybercrime group accessed Google Law Enforcement Request System (LERS)

Security / September 16, 2025

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

APT / September 16, 2025

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

Data Breach / September 16, 2025