Medium severity4.2CISA KEVNVD Advisory· Published Jun 16, 2025· Updated Apr 3, 2026

CVE-2025-43200

Description

This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, visionOS 2.3.1, watchOS 11.3.1. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Affected products

Apple Inc./Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Range: <15.8.4
Apple Inc./Iphone Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Range: <15.8.4
Apple Inc./macOS
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Range: >=13.0,<13.7.4
Apple Inc./Visionos
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Range: <2.3.1
Apple Inc./watchOS
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Range: <11.3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/122173nvdVendor Advisory
support.apple.com/en-us/122174nvdVendor Advisory
support.apple.com/en-us/122345nvdVendor Advisory
support.apple.com/en-us/122346nvdVendor Advisory
support.apple.com/en-us/122900nvdVendor Advisory
support.apple.com/en-us/122901nvdVendor Advisory
support.apple.com/en-us/122902nvdVendor Advisory
support.apple.com/en-us/122903nvdVendor Advisory
support.apple.com/en-us/122904nvdVendor Advisory
citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/nvdPress/Media Coverage
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.273
epss	0.001
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000