CVE-2025-43200

June 17, 2025, 1 a.m.

None
No Score

Description

This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Product(s) Impacted

Vendor Product Versions
Apple
  • Watchos
  • Macos
  • Ios
  • Ipados
  • Visionos
  • 11.3.1
  • ventura, sequoia, sonoma
  • 15.8.4, 16.7.11, 18.3.1
  • 15.8.4, 16.7.11, 17.7.5, 18.3.1
  • 2.3.1

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o apple watchos 11.3.1 / / / / / / /
o apple macos ventura 13.7.4 / / / / / /
o apple ios 15.8.4 / / / / / / /
o apple ipadOS 15.8.4 / / / / / / /
o apple ios 16.7.11 / / / / / / /
o apple ipadOS 16.7.11 / / / / / / /
o apple ipadOS 17.7.5 / / / / / / /
o apple visionos 2.3.1 / / / / / / /
o apple macos sequoia 15.3.1 / / / / / /
o apple ios 18.3.1 / / / / / / /
o apple ipadOS 18.3.1 / / / / / / /
o apple macos sonoma 14.7.4 / / / / / /

References

https://support.apple.com/en-us/122173
https://support.apple.com/en-us/122174
https://support.apple.com/en-us/122345
https://support.apple.com/en-us/122346
https://support.apple.com/en-us/122900
https://support.apple.com/en-us/122901
https://support.apple.com/en-us/122902
https://support.apple.com/en-us/122903
https://support.apple.com/en-us/122904

Tags

product-security@apple.com
CVE-2025-43200
2025-06-16

Timeline

Published: June 16, 2025, 10:16 p.m.
Last Modified: June 17, 2025, 1 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@apple.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.