Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter

blog.quarkslab.com

Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter

blog.quarkslab.com

digicatM to

blueteamsecEnglish · 4 months ago

Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter - Quarkslab's blog

blog.quarkslab.com

On August 20th, Apple released an out-of-band security fix for its main operating systems. This patch allegedly fixes CVE-2025-43300, an out-of-bounds write, addressed with improved bounds checking in the ImageIO framework. In this blog post we provide a root cause analysis of the vulnerability.

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

17 users / day
104 users / week
276 users / month
882 users / 6 months
217 local subscribers
585 subscribers
1.84K Posts
149 Comments
Modlog

mods:
digicat