Act Now: Detection of Zero Click Vulnerability in Apple Devices
- SEPTEMBER 3RD, 2025
A zero-click attack is a type of cyberattack that can be executed without any user interaction or awareness: the victim does not have to click or download anything for the attack to succeed. Apple has released security updates addressing a zero-click vulnerability in its products that is being actively weaponised. Users and administrators of affected Apple products are advised to update to the latest versions immediately.
CVE-2025-43300 is an out-of-bounds write vulnerability in Apple's ImageIO framework, the part of the system that handles pictures: every time your phone or computer opens, previews, or saves an image, this hidden component is at work. The flaw allows attackers to craft a specially "poisoned" image file that, if your device tries to process it, could crash the device or let the attacker silently install malicious software. What makes it worrying is that you don't even need to click on the image; just receiving it through an app, email, or website could be enough for the attack to work.
This happens because the system loses track of where it is storing data in memory and writes past the region it set aside. To put it simply, it is like someone saying they are giving you two boxes but only handing you one: when you try to open both, you end up reaching into space that was never meant for you. Attackers take advantage of this mistake to slip in their own instructions.
Defending Against CVE-2025-43300
- This vulnerability affects a wide range of Apple devices, and security patches have been rolled out. Update your devices to the latest version listed below:
  - iOS 18.6.2 and iPadOS 18.6.2
  - iPadOS 17.7.10
  - macOS 14.7.8
  - macOS 13.7.8
  - macOS Sequoia 15.6.1
- Implement file validation before processing DNG files in your own applications.
- Disable automatic image preview for untrusted sources when possible.
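The DNG file-validation advice above, as an added example that is not the advisory's or Apple's code: a Python checker that rejects a DNG/TIFF container whose declared IFD entry counts or tag-data offsets do not fit inside the file, the format-level version of being promised two boxes and handed one. It assumes the caller runs it before passing untrusted files to any image decoder, and it checks only the container layout, not the compressed image data inside; all sample files are constructed inline.

```python
import struct

# Byte width of each TIFF field type (BYTE, ASCII, SHORT, LONG, RATIONAL, ..., LONG8).
TYPE_SIZES = {1: 1, 2: 1, 3: 2, 4: 4, 5: 8, 6: 1, 7: 1, 8: 2, 9: 4, 10: 8, 11: 4, 12: 8, 13: 4, 16: 8, 17: 8, 18: 8}

def validate_tiff_container(data: bytes, max_ifds: int = 64) -> tuple[bool, str]:
    """Reject a DNG/TIFF whose declared IFDs, entry tables or tag data do not fit in the file.
    Only the container is checked, not the compressed image data inside it."""
    n = len(data)
    if n < 8 or data[:2] not in (b"II", b"MM"):
        return False, "not a TIFF/DNG header"
    endian = "<" if data[:2] == b"II" else ">"
    magic, ifd_off = struct.unpack(endian + "HI", data[2:8])
    if magic != 42:
        return False, "bad TIFF magic"
    for _ in range(max_ifds):                      # hop limit: a looping IFD chain cannot spin forever
        if ifd_off == 0:
            return True, "container structure is consistent"
        if ifd_off + 2 > n:
            return False, f"IFD offset {ifd_off} is beyond the end of the file"
        (count,) = struct.unpack(endian + "H", data[ifd_off:ifd_off + 2])
        entries_end = ifd_off + 2 + 12 * count
        if entries_end + 4 > n:                    # entry table plus next-IFD pointer must fit
            return False, f"IFD declares {count} entries but the file ends first"
        for i in range(count):
            pos = ifd_off + 2 + 12 * i
            tag, typ, cnt, val = struct.unpack(endian + "HHII", data[pos:pos + 12])
            size = TYPE_SIZES.get(typ)
            if size is None:
                return False, f"tag {tag}: unknown field type {typ}"
            if size * cnt > 4 and val + size * cnt > n:   # value stored out of line
                return False, f"tag {tag}: {size * cnt} bytes at offset {val} exceed file size {n}"
        (ifd_off,) = struct.unpack(endian + "I", data[entries_end:entries_end + 4])
    return False, "IFD chain is too long or loops"

def build_tiff(entries, declared_count=None):
    """Constructed test input: a minimal little-endian TIFF with a single IFD."""
    count = len(entries) if declared_count is None else declared_count
    body = b"".join(struct.pack("<HHII", *e) for e in entries)
    return b"II" + struct.pack("<HIH", 42, 8, count) + body + struct.pack("<I", 0)

# Constructed samples: a consistent file, one that promises three entries but carries two,
# and one whose StripOffsets (tag 273) data lies past the end of the 38-byte file.
GOOD = build_tiff([(256, 3, 1, 4), (257, 3, 1, 4)])
OVERCLAIMED = build_tiff([(256, 3, 1, 4), (257, 3, 1, 4)], declared_count=3)
DANGLING = build_tiff([(256, 3, 1, 4), (273, 4, 3, 1000)])
```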