CVE-2025-43300 · CRITICAL 10.0 · CISA KEV · EPSS p97.1%

CVE-2025-43300: Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability

Apple / iOS, iPadOS, and macOS

Description

Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework.

Scoring

CVSS 3.1: 10.0 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS: 19.97% probability of exploitation · percentile 97.1% · 2026-06-18T12:00:27Z
Published: 2025-08-21
Last modified: 2026-04-03

CISA KEV entry

Added to KEV: 2025-08-21

Underlying weaknesses · 1

CWE-787

References

  1. https://support.apple.com/en-us/124925
  2. https://support.apple.com/en-us/124926
  3. https://support.apple.com/en-us/124927
  4. https://support.apple.com/en-us/124928
  5. https://support.apple.com/en-us/124929
  6. https://support.apple.com/en-us/125141
  7. https://support.apple.com/en-us/125142
  8. http://seclists.org/fulldisclosure/2025/Sep/10

1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Out-of-bounds Write (cwe-787) | 0% | live |

(incoming) · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| KEVEntry | Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability (kev-cve-2025-43300) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE: CVE-2022-42827
  2. CVE: Apple iOS and macOS Out-of-Bounds Write Vulnerability
  3. CVE: Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability
  4. CVE: Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability
  5. CVE: Apple iOS and iPadOS Buffer Overflow Vulnerability
  6. CVE: Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability

Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.