Apple Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, spoofing, remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

Note:

CVE-2025-43300 may have been exploited in an extremely sophisticated attack against specific targeted individuals. This vulnerability is caused by an out-of-bounds write weakness discovered by Apple security researchers in the Image I/O framework, which enables applications to read and write most image file formats. Hence the risk level is rated to High Risk.

Impact

• Denial of Service
• Remote Code Execution
• Elevation of Privilege
• Security Restriction Bypass
• Information Disclosure
• Data Manipulation
• Spoofing

System / Technologies affected

• Versions prior to iOS 18.7 and iPadOS 18.7
• Versions prior to iOS 26 and iPadOS 26
• Versions prior to macOS Sonoma 14.8
• Versions prior to macOS Sequoia 15.7
• Versions prior to macOS Tahoe 26
• Versions prior to tvOS 26
• Versions prior to watchOS 26
• Versions prior to visionOS 26
• Versions prior to Safari 26
• Versions prior to Xcode 26

For CVE-2025-43300

• Versions prior to iOS 15.8.5 and iPadOS 15.8.5
• Versions prior to iOS 16.7.12 and iPadOS 16.7.12

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

• iOS 18.7 and iPadOS 18.7
• iOS 26 and iPadOS 26
• macOS Sonoma 14.8
• macOS Sequoia 15.7
• macOS Tahoe 26
• tvOS 26
• watchOS 26
• visionOS 26
• Safari 26
• Xcode 26

For CVE-2025-43300

• iOS 15.8.5 and iPadOS 15.8.5
• iOS 16.7.12 and iPadOS 16.7.12

Vulnerability Identifier

• CVE-2024-27280
• CVE-2025-6965
• CVE-2025-24088
• CVE-2025-24133
• CVE-2025-24197
• CVE-2025-30468
• CVE-2025-31254
• CVE-2025-31255
• CVE-2025-31259
• CVE-2025-31268
• CVE-2025-31269
• CVE-2025-31270
• CVE-2025-31271
• CVE-2025-40909
• CVE-2025-43190
• CVE-2025-43203
• CVE-2025-43204
• CVE-2025-43207
• CVE-2025-43208
• CVE-2025-43231
• CVE-2025-43262
• CVE-2025-43263
• CVE-2025-43272
• CVE-2025-43273
• CVE-2025-43277
• CVE-2025-43279
• CVE-2025-43283
• CVE-2025-43285
• CVE-2025-43286
• CVE-2025-43287
• CVE-2025-43291
• CVE-2025-43292
• CVE-2025-43293
• CVE-2025-43294
• CVE-2025-43295
• CVE-2025-43297
• CVE-2025-43298
• CVE-2025-43299
• CVE-2025-43300
• CVE-2025-43301
• CVE-2025-43302
• CVE-2025-43303
• CVE-2025-43304
• CVE-2025-43305
• CVE-2025-43307
• CVE-2025-43308
• CVE-2025-43310
• CVE-2025-43311
• CVE-2025-43312
• CVE-2025-43314
• CVE-2025-43315
• CVE-2025-43316
• CVE-2025-43317
• CVE-2025-43318
• CVE-2025-43319
• CVE-2025-43321
• CVE-2025-43325
• CVE-2025-43326
• CVE-2025-43327
• CVE-2025-43328
• CVE-2025-43329
• CVE-2025-43330
• CVE-2025-43331
• CVE-2025-43332
• CVE-2025-43333
• CVE-2025-43337
• CVE-2025-43340
• CVE-2025-43341
• CVE-2025-43342
• CVE-2025-43343
• CVE-2025-43344
• CVE-2025-43346
• CVE-2025-43347
• CVE-2025-43349
• CVE-2025-43353
• CVE-2025-43354
• CVE-2025-43355
• CVE-2025-43356
• CVE-2025-43357
• CVE-2025-43358
• CVE-2025-43359
• CVE-2025-43362
• CVE-2025-43366
• CVE-2025-43367
• CVE-2025-43368
• CVE-2025-43369
• CVE-2025-43370
• CVE-2025-43371
• CVE-2025-43372
• CVE-2025-43375
• CVE-2025-48384

Source

• Apple

Related Link

• https://support.apple.com/en-us/125108
• https://support.apple.com/en-us/125109
• https://support.apple.com/en-us/125110
• https://support.apple.com/en-us/125111
• https://support.apple.com/en-us/125112
• https://support.apple.com/en-us/125113
• https://support.apple.com/en-us/125114
• https://support.apple.com/en-us/125115
• https://support.apple.com/en-us/125116
• https://support.apple.com/en-us/125117
• https://support.apple.com/en-us/125141
• https://support.apple.com/en-us/125142
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog