PT-2025-34177 · Apple · macOS Ventura +5

Published 2025-08-20 · Updated 2025-08-26 · CVE-2025-43300

CVSS v2.0: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

**Name of the Vulnerable Software and Affected Versions:**

Apple iOS, iPadOS, and macOS versions 17.7.10 through 18.6.2, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, and macOS Ventura 13.7.8.

**Description:**

An out-of-bounds write vulnerability exists in the ImageIO framework, a core component responsible for processing image files. Processing a maliciously crafted image file may result in memory corruption, potentially allowing an attacker to execute arbitrary code. Apple is aware of reports indicating this vulnerability (CVE-2025-43300) has been actively exploited in highly sophisticated, targeted attacks. These attacks may involve zero-click exploitation, meaning no user interaction is required beyond receiving the malicious image. Reports suggest the vulnerability has been used to target individuals with cryptocurrency holdings.

**Recommendations:**

- Update iOS to version 18.6.2 or later.

- Update iPadOS to version 18.6.2 or 17.7.10.

- Update macOS Sequoia to version 15.6.1.

- Update macOS Sonoma to version 14.7.8.

- Update macOS Ventura to version 13.7.8.

- Avoid opening images from untrusted sources.

- Disable auto-download of images in applications like Telegram and iMessage.

Fix · RCE · Memory Corruption

Related Identifiers

BDU:2025-10189
CVE-2025-43300

Affected Products

Apple macOS
iOS
iPadOS
macOS Sequoia
macOS Sonoma
macOS Ventura