Start your free trial today.

Protect your organization with cutting-edge cybersecurity solutions designed for resilience and efficiency. Secure your digital assets with confidence.

Your Shield Against Threats

Unleash the Power of Cybersecurity

Boost Your Security, Enhance Your Business

We solve Your Cyber Challenges

Quick Links

Resources

Deepaegis Portals

Apple Multiple Products Unspecified Vulnerability

CVSS SCORE:4.8

CVE ID:CVE-2025-43200

SEVERITY:Medium

Vendor:macos

Exploitable?Yes

Summary

This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Impact

2.5

CVSS Metrics

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

version3.1

vectorStringCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

baseScore4.8

baseSeverityMEDIUM

attackVectorNETWORK

attackComplexityHIGH

privilegesRequiredNONE

userInteractionNONE

scopeUNCHANGED

confidentialityImpactLOW

integrityImpactLOW

availabilityImpactNONE

Exploitability Score2.2

Impact Score2.5

CWE Information

Source: nvd@nist.gov,Type: Primary

Action Information

Action Due: 7/7/2025

Remediation: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Exploit Added Date: 6/16/2025

Patch and Mitigation Information

Patch Information

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.