{"id":9177,"date":"2025-12-13T10:03:39","date_gmt":"2025-12-13T10:03:39","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/12\/13\/apple-0-day-vulnerabilities-exploited-in-sophisticated-attacks-targeting-iphone-users\/"},"modified":"2025-12-13T10:03:39","modified_gmt":"2025-12-13T10:03:39","slug":"apple-0-day-vulnerabilities-exploited-in-sophisticated-attacks-targeting-iphone-users","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/12\/13\/apple-0-day-vulnerabilities-exploited-in-sophisticated-attacks-targeting-iphone-users\/","title":{"rendered":"Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users"},"content":{"rendered":"

Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

Apple patches two WebKit zero-day flaws actively exploited in sophisticated attacks targeting specific iPhone users running iOS versions prior to 26.\u200b<\/p>\n

The iOS 26.2 and iPadOS 26.2 updates, released December 12, 2025, address CVE-2025-43529 and CVE-2025-14174 in WebKit. CVE-2025-43529 involves a use-after-free vulnerability<\/a> enabling arbitrary code execution via malicious web content, discovered by Google Threat Analysis Group.<\/p>\n

CVE-2025-14174 is a related memory corruption issue, credited to Apple and Google TAG, with both flaws linked to targeted spyware campaigns.\u200b<\/p>\n

\n\n\n\n\n\n\n
CVE ID<\/th>\nComponent<\/th>\nImpact<\/th>\nDescription<\/th>\nResearcher(s)<\/th>\n<\/tr>\n<\/thead>\n
CVE-2025-43529<\/td>\nWebKit<\/td>\nArbitrary code execution<\/td>\nUse-after-free, improved memory management<\/td>\nGoogle Threat Analysis Group \u200b<\/td>\n<\/tr>\n
CVE-2025-14174<\/td>\nWebKit<\/td>\nMemory corruption<\/td>\nImproved validation<\/td>\nApple & Google TAG \u200b<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

These flaws affect iPhone 11 and later models, plus specified iPad Pro, Air, and mini variants.\u200b<\/p>\n

Other Critical Fixes<\/strong><\/h2>\n

Apple resolved<\/a> over 30 vulnerabilities across components like Kernel, Foundation, Screen Time, and curl. Notable issues include a Kernel integer overflow (CVE-2025-46285) allowing root privilege escalation, discovered by Alibaba Group researchers, and multiple Screen Time logging flaws exposing Safari history or user data (CVE-2025-46277, CVE-2025-43538).<\/p>\n

WebKit saw additional patches for type confusion, buffer overflows<\/a>, and crashes (e.g., CVE-2025-43541, CVE-2025-43501). Open-source flaws in libarchive (CVE-2025-5918) and curl (CVE-2024-7264, CVE-2025-9086) were also addressed.\u200b<\/p>\n

\n\n\n\n\n\n\n\n
Component<\/th>\nCVE ID<\/th>\nImpact<\/th>\nKey Researcher<\/th>\n<\/tr>\n<\/thead>\n
Kernel<\/td>\nCVE-2025-46285<\/td>\nRoot privileges<\/td>\nKaitao Xie, Xiaolong Bai \u200b<\/td>\n<\/tr>\n
Screen Time<\/td>\nCVE-2025-46277<\/td>\nAccess Safari history<\/td>\nKirin (@Pwnrin)\u200b<\/td>\n<\/tr>\n
Messages<\/td>\nCVE-2025-46276<\/td>\nAccess sensitive data<\/td>\nRosyna Keller\u200b<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

Affected Devices and Mitigation<\/strong><\/h2>\n

Impacts span iPhone 11+, iPad Pro 12.9-inch (3rd gen+), iPad Pro 11-inch (1st gen+), iPad Air (3rd gen+), iPad (8th gen+), and iPad mini (5th gen+). <\/p>\n

Users should update immediately via Settings > General > Software Update to mitigate risks from these targeted exploits, consistent with patterns seen in prior spyware attacks. Apple notes no details on attackers, but collaboration with Google underscores nation-state-level threats.\u200b<\/p>\n

\n\n\n\n\n\n\n
Product<\/th>\nAffected Versions<\/th>\nPatched Version<\/th>\nCompatible Devices<\/th>\n<\/tr>\n<\/thead>\n
iOS<\/td>\nBefore 26.2 (exploited pre-26)<\/td>\n26.2<\/td>\niPhone 11 and later\u200b<\/td>\n<\/tr>\n
iPadOS<\/td>\nBefore 26.2 (exploited pre-26)<\/td>\n26.2<\/td>\niPad Pro 12.9\u2033 (3rd gen+), iPad Pro 11\u2033 (1st gen+), iPad Air (3rd gen+), iPad (8th gen+), iPad mini (5th gen+)\u200b<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n

The post Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n

\t

\n
<\/BR>
\n Guru Baran
\n \t

\n
<\/BR>
\nGo to cyber-security-news<\/a>
\n \t

\n
<\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"

Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users Apple patches two WebKit zero-day flaws actively exploited in sophisticated attacks targeting specific iPhone users running iOS versions prior to 26.\u200b The iOS 26.2 and iPadOS 26.2 updates, released December 12, 2025, address CVE-2025-43529 and CVE-2025-14174 in WebKit. CVE-2025-43529 involves a use-after-free vulnerability enabling arbitrary […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648],"tags":[130],"class_list":["post-9177","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/9177"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=9177"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/9177\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=9177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=9177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=9177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}