Apple Releases Patch for Likely Exploited Zero-Day Vulnerability

In a series of updates for its iOS, iPadOS, and macOS operating systems, Apple released a patch for a previously unknown vulnerability that has likely been exploited in highly targeted attacks.

The vulnerability, tracked as CVE-2025-43300, is an out-of-bounds write vulnerability in the Image I/O framework, Apple’s built-in framework that allows developers to read, write and manipulate image data efficiently.

It affects macOS Ventura before version 13.7, macOS Sonoma before version 14.7, macOS Sequoia before version 15.6, iOS before 18.6, and iPadOS before 17.7 and 18.6.

Processing a maliciously crafted image file may result in memory corruption.

Apple did not provide a severity score for this vulnerability.

However, the company stated in an August 20 security advisory that it was “aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

The patched versions, rolled out on August 20, are:

  • macOS Ventura 13.7.8
  • macOS Sonoma 14.7.8
  • macOS Sequoia 15.6.1
  • iOS 18.6.2
  • iPadOS 17.7.10
  • iPadOS 18.6.2

Open Door for ‘Zero-Click’ Spyware Attacks

Experts reacting to these updates urged Apple users to install the patched versions quickly, even though known exploitation appeared to be limited and highly targeted.

Sylvain Cortes, VP of strategy at Hackuity, noted that the vulnerability potentially “opens the door to so-called ‘zero-click’ attacks, where a simple malicious message could let attackers run code without any action from the victim.”

“Previous exploits of this nature have been used to target government officials, journalists and other high-value individuals,” he added.

Adam Boynton, a senior security strategy manager at Jamf, expressed similar concerns.

“While Apple has not confirmed whether this specific flaw was linked to spyware, similar vulnerabilities in Image I/O and WebKit have previously been used in Pegasus campaigns,” he stated.

“Even though the exploitation appears targeted, we recommend that all users update to iOS 18.6.2 immediately, particularly those in industries most at risk of spyware attacks.”
