REDAZIONE RHC: August 21, 2025 08:50
Apple has published an urgent security fix for iOS and iPados to approach a critical vulnerability at zero. This vulnerability, identified as CVE-2025-43300, was confirmed as actively exploited in very targeted attacks.
THE Urgent patchesPosted under the name of iOS 18.6.2 and iPados 18.6.2, addresses a vulnerability of memory corruption which could be triggered by the processing of a specially designed image file.
The main problem is an outstanding writing in the Framework imageio, A critical component of how Apple operating systems manage and play various image formats.
According to Apple’s security notice, the company is “Aware of a report that this problem could have been exploited in a very sophisticated attack targeting specific individuals. “”
By sending a malicious image, an attacker could write data outside the planned memory stamp. This type of memory corruption is a classic vector for the execution of arbitrary code, potentially allowing an attacker to take total control of an affected device.
This attack model is similar to the preceding zero click exploits used to implement surveillance tools like Pegasus, in which the victims are compromised simply by receiving a file via a messaging application, without any user interaction.
Apple’s published corrective coverage:
- iPhone XS and later
- iPad Pro (third generation of 13 inch, 12.9 inches and later, first generation of 11 inch and later)
- 3rd generation iPad Air
- 7th generation iPad and later
- 5th generation iPad Mini and later
The active exploitation of CVE-2025-43300 transforms it from a theoretical risk to a clear and present danger for users of unrelated devices.
The editorial team of Red Hot Cyber consists of a group of anonymous people and sources who actively collaborate to provide early information and news on cybersecurity and IT in general.
Lista degli Articoli
