VDB
NCSC-2025-0266
NCSC-2025-0266
PUBLISHED
Apple heeft een kwetsbaarheid verholpen in verschillende Apple besturingssystemen.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| vers:apple/13.7.8 | ||
| vers:apple/18.6.2 | ||
| vers:apple/14.7.8 | ||
| vers:apple/15.6.1 | ||
| vers:unknown/unspecified|<18.6 |
Exploit Intelligence
- The exploit code for CVE-2025-43300. (github-poc)
- Glass Cage is a zero-click PNG-based RCE chain in iOS 18.2.1, bypassing LockDown mode protection by exploiting ImageIO (CVE-2025-43300), then WebKit(CVE-2025-24201) and Core Media(CVE-2025-24085) to achieve sandbox escape, kernel-level access, and device bricking. Triggered via iMessage, it enables full compromise with no user interaction. (github-poc-repo)
- CVE-2025-55177 + CVE-2025-43300: reverse-engineering the WhatsApp-ImageIO zero-click iOS chain, with interactive labs. (github-poc-repo)
- CVE-2025-43300: iOS/macOS DNG Image Processing Memory Corruption (github-poc)
- This is POC for IOS 0click CVE-2025-43300 (github-poc)
- ticofookfook/CVE-2025-43300 (github-poc)
- veniversum/cve-2025-43300 (github-poc)
- CVE-2025-43300: iOS/macOS DNG Image Processing Memory Corruption (github-poc)
- This is POC for IOS 0click CVE-2025-43300 (github-poc)
- The exploit code for CVE-2025-43300. (github-poc)
…and 12 more exploits
Timeline
- Aug 22, 2025 CVE Published
- Aug 25, 2025 CVE Updated