High Threat Security Alert (A25-09-12): Multiple Vulnerabilities in Apple Products


 

Published on: 16 September 2025

Share on Facebook    Share on X   

Description:

Apple has released iOS 26, iPadOS 26, iOS 18.7, iPadOS 18.7, iOS 16.7.12, iPadOS 16.7.12, iOS 15.8.5, iPadOS 15.8.5, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, Safari 26, tvOS 26, visionOS 26, watchOS 26 and Xcode 26 to fix the vulnerabilities in various Apple devices. The list of vulnerabilities information can be found at:
https://support.apple.com/en-us/125108
https://support.apple.com/en-us/125109
https://support.apple.com/en-us/125110
https://support.apple.com/en-us/125111
https://support.apple.com/en-us/125112
https://support.apple.com/en-us/125113
https://support.apple.com/en-us/125114
https://support.apple.com/en-us/125115
https://support.apple.com/en-us/125116
https://support.apple.com/en-us/125117
https://support.apple.com/en-us/125141
https://support.apple.com/en-us/125142

Reports indicated that the vulnerability (CVE-2025-43300) is at a high risk of exploitation. Users are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • iPhone 6S and later
  • iPad 5th generation, 7th generation and later, Air 2rd generation and later, mini 4th generation, mini 5th generation and later, Pro 9.7-inch, Pro 11-inch 1st generation and later, Pro 12.9-inch 1rd generation and later, Pro 13-inch
  • macOS Sequoia prior to version 15.7
  • macOS Sonoma prior to version 14.8
  • macOS Tahoe prior to version 26
  • Safari prior to version 26
  • tvOS prior to version 26
  • visionOS prior to version 26
  • watchOS prior to version 26
  • Xcode prior to version 26

 

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation could lead to remote code execution, denial of service, elevation of privilege, information disclosure, security restriction bypass, spoofing or tampering on an affected device.

 

Recommendation:

Patches for affected products are available. Users of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.apple.com/en-us/125108
  • https://support.apple.com/en-us/125109
  • https://support.apple.com/en-us/125110
  • https://support.apple.com/en-us/125111
  • https://support.apple.com/en-us/125112
  • https://support.apple.com/en-us/125113
  • https://support.apple.com/en-us/125114
  • https://support.apple.com/en-us/125115
  • https://support.apple.com/en-us/125116
  • https://support.apple.com/en-us/125117
  • https://support.apple.com/en-us/125141
  • https://support.apple.com/en-us/125142
  • https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20250916
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27280
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24088
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24133
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24197
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30468
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31254 (to CVE-2025-31255)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31259
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31268 (to CVE-2025-31271)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43190
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43203 (to CVE-2025-43204)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43207 (to CVE-2025-43208)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43231
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43262 (to CVE-2025-43263)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43272 (to CVE-2025-43273)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43277
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43279
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43283
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43285 (to CVE-2025-43287)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43291 (to CVE-2025-43295)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43297 (to CVE-2025-43299)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43300 (to CVE-2025-43305)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43307 (to CVE-2025-43308)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43310 (to CVE-2025-43312)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43314 (to CVE-2025-43319)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43321
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43325 (to CVE-2025-43333)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43337
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43340 (to CVE-2025-43344)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43346 (to CVE-2025-43347)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43349
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43353 (to CVE-2025-43359)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43362
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43366 (to CVE-2025-43372)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43375
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384


Tag: Apple , iOS , iPadOS , macOS , Safari , visionOS , watchOS , Xcode
Tags