CVE-2025-43200
Published: 16 June 2025
Summary
CVE-2025-43200 is a medium-severity an unspecified weakness vulnerability in Apple Ipados. Its CVSS base score is 4.2 (Medium).
Operationally, ranked in the top 24.2% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
A logic issue existed in multiple Apple operating systems when processing a maliciously crafted photo or video shared via an iCloud Link. The affected platforms include iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, visionOS 2.3.1, and watchOS 11.3.1. The flaw was addressed through improved validation checks in these releases.
An attacker could exploit the issue by delivering a specially crafted media file through an iCloud Link, requiring user interaction and high attack complexity to achieve limited impacts on confidentiality and integrity. Apple has stated that the vulnerability may have been used in an extremely sophisticated attack targeting specific individuals.
The referenced Apple security advisories confirm that updating to the listed patched versions mitigates the risk by implementing the improved checks. No further workaround details are provided beyond installation of the fixes.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-18428
Vulnerability details
This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, visionOS 2.3.1,…
more
watchOS 11.3.1. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
- CWE(s)
- KEV Date Added
- 16 June 2025
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires validation of input data (photos/videos received via iCloud Link) to reject malformed or maliciously crafted content before processing.
Mandates timely application of patches that implement the improved validation checks fixing the logic flaw in media handling.
Requires integrity verification mechanisms that can detect or block processing of tampered media files delivered through iCloud Links.