Apple Patches Zero-Day in iOS, iPadOS, & macOS Exploited in Targeted Attacks


THREAT SUMMARY

Apple has released urgent security updates to address a critical zero-day vulnerability (CVE-2025-43300, CVSS: Critical) in the ImageIO framework affecting iOS, iPadOS, and macOS. The flaw is being actively exploited in targeted attacks, potentially allowing adversaries to achieve memory corruption and execute arbitrary code by tricking victims into processing malicious images.

Apple confirmed that this vulnerability has been used in sophisticated attacks against specific targeted individuals, underscoring the need for immediate patching.

AFFECTED PRODUCTS

• iOS 18.6.1 and earlier – iPhone XS and later

• iPadOS 18.6.1 and earlier – iPad Pro (13-inch, 12.9-inch 3rd gen+), iPad Pro (11-inch 1st gen+), iPad Air (3rd gen+), iPad (7th gen+), iPad mini (5th gen+)

• iPadOS 17.7.9 and earlier – iPad Pro (12.9-inch 2nd gen, 10.5-inch), iPad (6th gen)

• macOS Ventura 13.7.7 and earlier

• macOS Sonoma 14.7.7 and earlier

• macOS Sequoia 15.6 and earlier

PATCHED VERSIONS

• iOS 18.6.2 / iPadOS 18.6.2

• iPadOS 17.7.10

• macOS Ventura 13.7.8

• macOS Sonoma 14.7.8

• macOS Sequoia 15.6.1

MITIGATION & RECOMMENDATIONS

• Update Immediately: Apply the latest security updates across all Apple devices.

• Enterprise Priority: Ensure corporate-owned iPhones, iPads, and Macs are patched without delay.

• User Awareness: Warn users to exercise caution when receiving or opening unsolicited image files via email, messaging apps, or websites.

• Monitoring: Watch for unusual device behavior, particularly among high-value targets such as executives, policymakers, journalists, and activists.

• Vulnerability Management: Incorporate this patch into ongoing vulnerability and endpoint management programs.
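As an added example (not part of the original advisory), the script below triages a device inventory against the patched versions listed above. The CSV column names and the sample devices are constructed for illustration; OS branches the advisory does not name are reported as "unlisted" rather than guessed.

```python
import csv
import io

# Minimum fixed release per (platform, major version), from PATCHED VERSIONS above.
PATCHED = {
    ("ios", 18): (18, 6, 2),
    ("ipados", 18): (18, 6, 2),
    ("ipados", 17): (17, 7, 10),
    ("macos", 13): (13, 7, 8),
    ("macos", 14): (14, 7, 8),
    ("macos", 15): (15, 6, 1),
}

def parse_version(text):
    """'15.6' -> (15, 6, 0); pads to three components so 15.6 sorts below 15.6.1."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))[:3]

def classify(platform, version):
    """Return 'patched', 'vulnerable', or 'unlisted' (branch not named in the advisory)."""
    try:
        ver = parse_version(version)
    except ValueError:
        return "unlisted"  # unparseable version string: needs manual review
    fixed = PATCHED.get((platform.strip().lower(), ver[0]))
    if fixed is None:
        return "unlisted"
    return "patched" if ver >= fixed else "vulnerable"

def triage(inventory_csv):
    """Map device name -> status from a CSV with device,platform,os_version columns."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["device"]: classify(r["platform"], r["os_version"]) for r in rows}

# Constructed sample inventory (hypothetical export format, not from the advisory).
SAMPLE = """device,platform,os_version
exec-iphone,iOS,18.6.1
lab-ipad,iPadOS,17.7.10
dev-mac,macOS,15.6
build-mac,macOS,14.7.8
old-mac,macOS,12.7.6
"""

if __name__ == "__main__":
    for device, status in triage(SAMPLE).items():
        print(f"{device}: {status}")
```

Devices reported as "unlisted" run an OS branch this advisory does not cover and should be checked against Apple's own security release notes.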

THREAT CONTEXT

This is the seventh zero-day exploited in 2025 affecting Apple products. Previous exploited flaws include CVE-2025-24085, CVE-2025-24200, CVE-2025-24201, CVE-2025-31200, CVE-2025-31201, and CVE-2025-43200. The recurring exploitation highlights the ongoing targeting of Apple ecosystems by advanced threat actors.



