CVE-2025-43200 - PatchNow

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: USER_INTERACTION

CVE Published: 2025-06-16

Added to CISA KEV: 2025-06-16 0 DAY BETWEEN CVE AND KEV

⚠️ CRITICAL: Check for indicators of compromise - this vulnerability is in CISA KEV indicating active exploitation in the wild. Review logs, check for unauthorized access, verify system integrity before patching
Immediately update all Apple devices to patched versions (iOS 18.3.1, macOS 15.3.1, etc.)
Monitor for suspicious iCloud Link sharing activities
High patch priority due to CISA KEV status and active exploitation

Known Exploited Vulnerabilities Catalog | CISA
CVE-2025-43200. Apple Multiple Products Unspecified Vulnerability: Apple iOS, iPadOS, macOS, watchOS, and visionOS, contain an unspecified vulnerability when processing a maliciously crafted photo or video shared via an iCloud Link.
CVE-2025-43200 Detail - NVD
A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link.
CISA Warns of iOS 0-Click Vulnerability Exploited in the Wild
CVE-2025-43200 specifically targets Apple’s media processing functionality when handling content shared through iCloud Links, creating an attack vector that bypasses traditional user awareness and security measures. CISA added this vulnerability to the KEV catalog on June 16, 2025...
iOS zero-click attacks used to deliver Graphite spyware (CVE-2025 ...
CVE-2025-43200 is a logic issue triggered when the Apple smartphone processed a maliciously crafted photo or video shared via an iCloud Link.
CVE-2025-43200 - Tenable
Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

🟢 CVE-2025-43200