Comment by ethagnawl
2 days ago
How does the exploit work, though? The article does some real handwaving around "now the device is yours and now it's not". They don't need to go too deep but isn't anyone reading that far into the article going to be curious?
You're not gonna find technical details in an AP article of all places.
You will find it in CitizenLab's report: https://citizenlab.ca/2025/06/first-forensic-confirmation-of...
There aren’t many technical details there either. They list the servers it connected to and a log entry but that’s it.
It mentions a CVE number but the Apple link is generic and there are no details on the CVE database.
Has this even been fixed by Apple?
We're talking about a state-sponsored actor with a zero-day vuln here.
You would not find info anywhere.
I replied to the parent comment with the info I found:
https://news.ycombinator.com/item?id=44274249
TL;DR: yes, this was resolved in iOS 18.3.1
I don't have a full answer for you, but I found some more info in the CitizenLab report [^1] about the incidents.
(Small aside, but CitizenLab is excellent and such a valuable resource)
CitizenLab states the zero-click iMessage attack — CVE-2025-43200 - used as one of the vectors was fixed by Apple in iOS 18.3.1.
Apple has an "About the security content of iOS 18.3.1 and iPadOS 18.3.1" [^2] page, and it contains the following:
---
Messages
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
Impact: A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Description: This issue was addressed with improved checks.
CVE-2025-43200: Apple
---
[^1]: https://citizenlab.ca/2025/06/first-forensic-confirmation-of...
[^2]: https://support.apple.com/en-us/122174