Current Cyber Threats

CISA Warns of Apple Zero-Day Used in Targeted Cyberattacks

Summary:
A newly discovered vulnerability affecting Apple devices has prompted an order for government agencies to patch the bug.

The Cybersecurity and Infrastructure Security Agency (CISA) ordered civilian federal agencies to install a patch for CVE-2025-43300, a vulnerability that affects Apple iPhones, iPads, and MacBooks, by September 11.

Apple said Wednesday it is "aware of a report that this issue might have been exploited in a very highly skilled attack on targeted individuals."

CISA added the vulnerability to its Known Exploited Vulnerabilities catalog Thursday and rated it 8.8 out of 10 in severity.

The flaw exists in Apple's ImageIO framework, which handles image formats on iOS, iPadOS, and macOS. Security experts have described it as a zero-click exploit that can be triggered simply by opening a specially crafted image file. That makes it especially dangerous, since no user interaction is required.

Apple has experienced a steady stream of zero-day disclosures recently, often linked to spyware vendors targeting political figures, activists, and dissidents. Previous bugs in ImageIO, like the BLASTPASS exploit chain, have been linked to NSO Group's Pegasus spyware.

Security Officer Comments:
This warning is notable because it highlights the steady targeting of Apple devices by highly sophisticated exploits. Although exploitation to date has targeted select individuals rather than the general population, history shows that such exploits tend to trickle down into mass use once released.

The fact that the vulnerability requires no participation on the part of the victim raises the stakes, especially for high-risk users such as government employees, journalists, or managers in exposed industries. Even if the odds of the average user being targeted are low, the potential damage is catastrophic enough that patching now is worth it.

Suggested Corrections:

  • Update all Apple devices immediately to the latest versions of iOS, iPadOS, and macOS, which contain the fix for CVE-2025-43300.
  • Encourage employees to avoid downloading or opening unsolicited image files, even from seemingly trusted sources, until devices are fully patched.
  • Organizations should prioritize patching for users with elevated risk profiles, such as executives, policymakers, or staff who handle sensitive data.
  • Consider enabling Apple’s Lockdown Mode for high-risk users, as it reduces the attack surface for zero-click exploits.
  • Monitor threat intelligence sources and Apple’s official advisories for further developments, as exploit techniques may evolve.

Link(s):
https://therecord.media/cisa-warns-of-apple-zero-day

https://www.cisa.gov/news-events/al...dds-one-known-exploited-vulnerability-catalog