Detecting CVE-2025-43300: A Deep Dive into Apple's DNG Processing Vulnerability

The Discovery 🔗

CVE-2025-43300 represents one of those subtle yet devastating vulnerabilities that security researchers dream (or have nightmares) about. According to Apple’s official advisory, this out-of-bounds write issue was discovered in their implementation of JPEG Lossless Decompression code within the RawCamera.bundle, which processes Adobe’s DNG (Digital Negative) files.

What elevates this from a typical vulnerability to a critical threat is Apple’s chilling acknowledgment: “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals." This isn’t theoretical - it’s been weaponized.

The vulnerability affects a wide range of Apple devices and was patched across:

• iOS 18.6.2 and iPadOS 18.6.2
• macOS Sequoia 15.6.1
• macOS Sonoma 14.7.8
• macOS Ventura 13.7.8
• iPadOS 17.7.10

As a 0-click remote code execution vector, this represents the holy grail of mobile exploitation - no user interaction required, just silent compromise through a malicious image file.

The Vulnerability Mechanics 🔗

The beauty (or horror) of this vulnerability lies in its simplicity. It exploits a fundamental assumption mismatch between two cooperating components:

1. The Setup: A DNG file declares it has 2 samples per pixel in its SubIFD metadata (SamplesPerPixel = 2)
2. The Twist: The actual JPEG Lossless data within that same file only contains 1 component in its SOF3 marker
3. The Exploit: This mismatch causes the decompression routine to write beyond allocated buffer boundaries

Think of it as telling someone you’re sending them two packages, but only including one - except in this case, the recipient still tries to unpack both, reading into memory that doesn’t belong to them.

DNG File Format Internals 🔗

TIFF Structure 🔗

DNG files are based on the TIFF (Tagged Image File Format) specification. The structure consists of:

Header (8 bytes):
- Byte Order: 0x4949 (Little Endian) or 0x4D4D (Big Endian)
- Magic Number: 0x002A
- IFD Offset: 32-bit offset to first Image File Directory

IFD (Image File Directory):
- Entry Count: 16-bit count of directory entries
- Directory Entries: 12 bytes each
  - Tag: 16-bit identifier
  - Type: 16-bit field type
  - Count: 32-bit number of values
  - Value/Offset: 32-bit value or file offset
- Next IFD Offset: 32-bit offset to next IFD (0 if last)

SubIFD Structure 🔗

DNG files use SubIFDs (tag 0x014A) to store additional image data. The vulnerable code path involves:

• SubIFD containing JPEG Lossless compressed data (Compression tag = 7)
• SamplesPerPixel tag (0x0115) defining color components
• JPEG data referenced by StripOffsets (0x0111) or JPEGInterchangeFormat (0x0201)

JPEG Lossless Format 🔗

JPEG Lossless uses the Start of Frame 3 (SOF3) marker (0xFFC3) which contains:

SOF3 Structure:
- Marker: 0xFFC3
- Length: 16-bit segment length
- Precision: 8-bit sample precision
- Height: 16-bit image height
- Width: 16-bit image width
- Component Count: 8-bit number of components
- Component specifications follow...

Building a Detection Engine 🔗

To protect against this vulnerability, I developed ELEGANT BOUNCER, a Rust-based detection tool. This work builds upon the excellent reproduction steps and analysis provided by b1n4r1b01, who first documented the technical details of triggering this bug. Here’s how the detection works:

The Detection Algorithm 🔗

1. Parse the TIFF/DNG Structure

   • Read and validate TIFF headers (checking for those magic numbers)
   • Walk through the IFD chains like a detective following clues
   • Identify and process SubIFDs where the vulnerability lurks

2. Hunt for JPEG Lossless Compression

   • Look for Compression tag with value 7 (the JPEG Lossless indicator)
   • Locate JPEG data offset from StripOffsets or JPEGInterchangeFormat

3. Detect the Smoking Gun

   • Check if SamplesPerPixel = 2 (first red flag)
   • Parse JPEG data to find the SOF3 marker
   • Verify if SOF3 component count = 1 (second red flag)

4. Confirm the Exploit

   • When both conditions align (SamplesPerPixel=2 AND SOF3 components=1)
   • Flag the file as a CVE-2025-43300 exploit attempt

Implementation Details 🔗

The detection is implemented in Rust with the following key components:

TIFF Reader 🔗

struct TIFFReader {
    file: File,
    is_little_endian: bool,
}

Handles endianness-aware reading of TIFF structures.

IFD Entry Processing 🔗

struct IFDEntry {
    tag: u16,
    field_type: u16,
    count: u32,
    value_offset: u32,
}

Represents individual directory entries with proper type handling for inline values vs. file offsets.

JPEG Parser 🔗

The JPEG parser scans for SOF3 markers and extracts component counts while properly handling segment lengths and skipping non-relevant markers.

Why This Matters: The Attack Surface 🔗

This vulnerability should keep security teams up at night for several reasons:

1. Zero-Click Exploitation: DNG files can be processed automatically by iOS when received via iMessage or other messaging platforms. Your phone doesn’t ask permission - it just renders the preview.

2. Silent and Deadly: The vulnerability triggers during image preview generation. No user interaction required. No warning signs. Just silent code execution.

3. Widespread Attack Vector: DNG is Adobe’s open-source raw image format, commonly used by professional photographers. It’s not some obscure format - it’s everywhere.

4. High-Value Target: RawCamera.bundle processes various raw image formats, making it a prime target for attackers looking for a reliable entry point. Notably, security researcher u0pattern_cs discovered that Apple’s BlastDoor allows file-map-executable permissions specifically for RawCamera.bundle, potentially providing attackers with additional exploitation primitives once they achieve initial code execution.

Defending Against CVE-2025-43300 🔗

The immediate mitigation is straightforward:

• Update to iOS 18.6.2 or later - Apple has patched this vulnerability
• Implement file validation before processing DNG files in your own applications
• Use ELEGANT BOUNCER - Our open-source tool specifically designed to detect this vulnerability
• Disable automatic image preview for untrusted sources when possible

Testing the Detection 🔗

Want to validate the detection yourself? Here’s how:

# Clone ELEGANT BOUNCER
git clone https://github.com/msuiche/elegant-bouncer
cd elegant-bouncer

# Build the tool
cargo build --release

# Test with a suspicious DNG file
./target/release/elegant-bouncer --scan suspicious.dng

For research purposes, you can create a proof-of-concept following b1n4r1b01’s reproduction steps by modifying specific bytes in a legitimate DNG file:

• Offset 0x2FD00: Change 0x01 to 0x02 (modifies SamplesPerPixel)
• Offset 0x3E40B: Change 0x02 to 0x01 (modifies SOF3 component count)

Key Takeaways 🔗

CVE-2025-43300 is a masterclass in how subtle inconsistencies can lead to critical vulnerabilities. It demonstrates several important lessons:

1. Complexity is the Enemy of Security: When multiple file format standards interact (TIFF + JPEG), assumptions can become attack vectors.

2. Trust but Verify: Never trust metadata to accurately describe data. Always validate consistency between declarations and actual content.

3. Defense in Depth: While patching is essential, having detection tools like ELEGANT BOUNCER provides an additional layer of security.

4. 0-Click is Real: The automatic processing of image files in modern messaging apps creates a massive attack surface that we’re only beginning to understand.

This vulnerability reminds us that even in 2025, file format parsing remains a rich hunting ground for security researchers and attackers alike. Stay vigilant, keep your systems updated, and always validate your inputs.

Resources & References 🔗

• ELEGANT BOUNCER - Detection tool for CVE-2025-43300
• ELEGANT BOUNCER Detection Algorithm Implementation - Core detection algorithm commit
• CVE-2025-43300 Official CVE Record
• b1n4r1b01’s Technical Analysis and Reproduction Steps - Original bug reproduction and analysis
• r00tkitsmm’s iOS ImageIO Fuzzing Research - Comprehensive fuzzing research on iOS ImageIO vulnerabilities
• Apple Security Updates
• TIFF 6.0 Specification
• DNG Specification
• JPEG Lossless Specification (ITU-T T.81)

Have questions or found something interesting about this vulnerability? Reach out on Twitter or check out the ELEGANT BOUNCER repository for the latest updates.