Apple macOS Sonoma vulnerabilities

959 known vulnerabilities affecting apple/macos_sonoma.

Total CVEs: 959
CISA KEV: 11 (actively exploited)
Public exploits: 3
Exploited in wild: 6
Severity breakdown: CRITICAL 73, HIGH 289, MEDIUM 533, LOW 63, UNKNOWN 1

Vulnerabilities

CVE-2025-43260 | MEDIUM | CVSS 5.1 | v14.7.7 | 2025-07-29
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.7
Product: macOS Sonoma
Version: 14.7.7
Component: PackageKit
Impact: An app may be able to hijack entitlements granted to other privileged apps
Description: This issue was addressed with improved data protection.
apple
CVE-2025-43247 | MEDIUM | CVSS 5.5 | v14.7.7 | 2025-07-29
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.7
Product: macOS Sonoma
Version: 14.7.7
Component: PackageKit
Impact: A malicious app with root privileges may be able to modify the contents of system files
Description: A permissions issue was addressed with additional restrictions.
apple
CVE-2025-43259 | MEDIUM | CVSS 4.6 | v14.7.7 | 2025-07-29
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.7
Product: macOS Sonoma
Version: 14.7.7
Component: WindowServer
Impact: An attacker with physical access to a locked device may be able to view sensitive user information
Description: This issue was addressed with improved redaction of sensitive information.
apple
CVE-2025-43241 | MEDIUM | CVSS 5.5 | v14.7.7 | 2025-07-29
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.7
Product: macOS Sonoma
Version: 14.7.7
Component: SceneKit
Impact: An app may be able to read files outside of its sandbox
Description: A permissions issue was addressed with additional restrictions.
apple
CVE-2025-43246 | MEDIUM | CVSS 5.5 | v14.7.7 | 2025-07-29
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.7
Product: macOS Sonoma
Version: 14.7.7
Component: Spotlight
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved checks.
apple
CVE-2025-43282 | MEDIUM | CVSS 5.5 | v14.7.7 | 2025-07-29
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.7
Product: macOS Sonoma
Version: 14.7.7
Component: Kernel
Impact: An app may be able to cause unexpected system termination
Description: A double free issue was addressed with improved memory management.
apple
CVE-2025-43236 | LOW | CVSS 3.3 | v14.7.7 | 2025-07-29
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.7
Product: macOS Sonoma
Version: 14.7.7
Component: Power Management
Impact: An attacker may be able to cause unexpected app termination
Description: A type confusion issue was addressed with improved memory handling.
apple
CVE-2025-43255 | LOW | CVSS 3.3 | v14.7.7 | 2025-07-29
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.7
Product: macOS Sonoma
Version: 14.7.7
Component: GPU Drivers
Impact: An app may be able to cause unexpected system termination
Description: An out-of-bounds read was addressed with improved bounds checking.
apple
CVE-2025-30448 | CRITICAL | CVSS 9.1 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: DiskArbitration
Impact: An app may be able to gain root privileges
Description: A permissions issue was addressed with additional restrictions.
apple
CVE-2025-30442 | HIGH | CVSS 7.8 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: SoftwareUpdate
Impact: An app may be able to gain elevated privileges
Description: The issue was addressed with improved input sanitization.
apple
CVE-2025-31240 | HIGH | CVSS 7.5 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: About Apple security updates
Impact: Connecting to a malicious AFP server may corrupt kernel memory
Description: The issue was addressed with improved memory handling.
apple
CVE-2025-31221 | HIGH | CVSS 7.5 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: Security
Impact: A remote attacker may be able to leak memory
Description: An integer overflow was addressed with improved input validation.
apple
CVE-2025-24258 | HIGH | CVSS 7.8 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: DiskArbitration
Impact: An app may be able to gain root privileges
Description: A permissions issue was addressed with additional restrictions.
apple
CVE-2025-31213 | HIGH | CVSS 7.6 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: Security
Impact: An app may be able to access associated usernames and websites in a user's iCloud Keychain
Description: A logging issue was addressed with improved data redaction.
apple
CVE-2025-31232 | HIGH | CVSS 7.1 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: Installer
Impact: A sandboxed app may be able to access sensitive user data
Description: A logic issue was addressed with improved checks.
apple
CVE-2025-31247 | HIGH | CVSS 7.5 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: SharedFileList
Impact: An attacker may gain access to protected parts of the file system
Description: A logic issue was addressed with improved state management.
apple
CVE-2025-31219 | HIGH | CVSS 7.1 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: Kernel
Impact: An attacker may be able to cause unexpected system termination or corrupt kernel memory
Description: The issue was addressed with improved memory handling.
apple
CVE-2025-31237 | HIGH | CVSS 7.5 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: About Apple security updates
Impact: Connecting to a malicious AFP server may corrupt kernel memory
Description: The issue was addressed with improved memory handling.
apple
CVE-2025-31208 | HIGH | CVSS 7.5 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: CoreAudio
Impact: Parsing a file may lead to an unexpected app termination
Description: The issue was addressed with improved checks.
apple
CVE-2025-24274 | HIGH | CVSS 7.8 | v14.7.6 | 2025-05-12
Source: Apple Security Update: About the security content of macOS Sonoma 14.7.6
Product: macOS Sonoma
Version: 14.7.6
Component: Mobile Device Service
Impact: A malicious app may be able to gain root privileges
Description: An input validation issue was addressed by removing the vulnerable code.
apple