CVE-2025-43200
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2025-43200. We'll provide specific mitigation strategies based on your environment and risk profile.
CVSS Score
V3.1EPSS Score
v2025.03.14There is a 0.8% chance that this vulnerability will be exploited in the wild within the next 30 days.
Attack Vector Metrics
Impact Metrics
Description
This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Available Exploits
Related News
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-43200 Apple Multiple Products Unspecified Vulnerability CVE-2023-33538 TP-Link Multiple Route…
A vulnerability was identified in Apple Products. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Note: For CVE-2025-43200, a logic issue existed when processing a maliciously crafted phot…
A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite mercenary spyware, Citizen Lab researchers have revealed on Thursday. The attacks happened …
Apple confirmed that a security flaw in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. Apple confirmed that a now-patched vulnerability, tracked as CVE-2025-43200, in its Messages app was actively ex…
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 202…
Affected Products
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Product
Ransomware Risk
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Affected Products (ENISA)
ENISA Scoring
CVSS Score (3.1)
EPSS Score
ENISA References
Data provided by ENISA EU Vulnerability Database. Last updated: July 30, 2025
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
References
Advisory provided by GitHub Security Advisory Database. Published: June 17, 2025, Modified: June 17, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
🔥 Top 10 Trending CVEs (06/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2023-52927](https://nvd.nist.gov/vuln/detail/CVE-2023-52927)** - 📝 In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from …
🔥 Top 10 Trending CVEs (05/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-6491](https://nvd.nist.gov/vuln/detail/CVE-2025-6491)** - 📝 n/a - 📈 **CVSS:** 0 - 🧭 **Vector:** n/a - ⚠️ **Priority:** n/a - 📝 **Analysis:** No Information available for this CVE at the moment. --- **2. [CVE-2025-49826](https://nvd.nist.gov/vuln/detail/CVE-2025-49826)** …
🔥 Top 10 Trending CVEs (04/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-41646](https://nvd.nist.gov/vuln/detail/CVE-2025-41646)** - 📝 An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device - …
🚨 تنبيه أمني خطير لمستخدمي أجهزة آبل (iPhone و iPad)! 🚨 يا جماعة الخير، تم اكتشاف ثغرة أمنية خطيرة جدًا تحت رقم CVE-2025-43200، تستهدف أجهزة iOS و iPadOS. وش تسوي الثغرة؟ هاكرز يقدرون يرسلون لك رسالة على تطبيق iMessage، ممكن تكون صورة، ملف، أو حتى رابط، وداخلها أكواد خبيثة تخترق …