Apple macOS Sonoma vulnerabilities
959 known vulnerabilities affecting apple/macos_sonoma.
Total CVEs: 959
CISA KEV: 11 (actively exploited)
Public exploits: 3
Exploited in wild: 6
Severity breakdown: CRITICAL 73, HIGH 289, MEDIUM 533, LOW 63, UNKNOWN 1
Vulnerabilities
Page 18 of 48
CVE-2025-24235 | MEDIUM | CVSS 5.5 | v14.7.5 | 2025-03-31
CVE-2025-24235 [MEDIUM] CVE-2025-24235: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-24235
Component: Kerberos Helper
Impact: A remote attacker may be able to cause unexpected app termination or heap corruption
Description: A memory initialization issue was addressed with improved memory handling.
apple
CVE-2025-24199 | MEDIUM | CVSS 5.5 | v14.7.5 | 2025-03-31
CVE-2025-24199 [MEDIUM] CVE-2025-24199: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-24199
Component: Foundation
Impact: An app may be able to cause a denial-of-service
Description: An uncontrolled format string issue was addressed with improved input validation.
apple
CVE-2025-24278 | MEDIUM | CVSS 5.5 | v14.7.5 | 2025-03-31
CVE-2025-24278 [MEDIUM] CVE-2025-24278: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-24278
Component: System Settings
Impact: An app may be able to access protected user data
Description: This issue was addressed with improved validation of symlinks.
apple
CVE-2025-30446 | MEDIUM | CVSS 6.5 | v14.7.5 | 2025-03-31
CVE-2025-30446 [MEDIUM] CVE-2025-30446: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-30446
Component: PackageKit
Impact: A malicious app with root privileges may be able to modify the contents of system files
Description: A permissions issue was addressed with additional restrictions.
apple
CVE-2025-24198 | MEDIUM | CVSS 6.6 | v14.7.5 | 2025-03-31
CVE-2025-24198 [MEDIUM] CVE-2025-24198: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-24198
Component: Siri
Impact: An attacker with physical access may be able to use Siri to access sensitive user data
Description: This issue was addressed by restricting options offered on a locked device.
apple
CVE-2025-30443 | MEDIUM | CVSS 5.5 | v14.7.5 | 2025-03-31
CVE-2025-30443 [MEDIUM] CVE-2025-30443: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-30443
Component: AppleMobileFileIntegrity
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed by removing the vulnerable code.
apple
CVE-2025-24157 | MEDIUM | CVSS 5.6 | v14.7.5 | 2025-03-31
CVE-2025-24157 [MEDIUM] CVE-2025-24157: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-24157
Component: Xsan
Impact: An app may be able to cause unexpected system termination or corrupt kernel memory
Description: A buffer overflow issue was addressed with improved memory handling.
apple
CVE-2025-24271 | MEDIUM | CVSS 5.4 | v14.7.5 | 2025-03-31
CVE-2025-24271 [MEDIUM] CVE-2025-24271: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-24271
Component: AirPlay
Impact: An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing
Description: An access issue was addressed with improved access restrictions.
apple
CVE-2024-40864 | LOW | CVSS 2.7 | v14.7.5 | 2025-03-31
CVE-2024-40864 [LOW] CVE-2024-40864: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2024-40864
Impact: An attacker in a privileged network position may be able to track a user's activity
Description: The issue was addressed with improved handling of protocols.
apple
CVE-2025-27113 | LOW | CVSS 2.9 | v14.7.5 | 2025-03-31
CVE-2025-27113 [LOW] CVE-2025-27113: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-27113
Component: CVE-2025-27113
apple
CVE-2025-43200 | MEDIUM | CVSS 4.2 | KEV | v14.7.4 | 2025-02-10
CVE-2025-43200 [MEDIUM] CVE-2025-43200: macOS Sonoma 14.7.4
Apple Security Update: About the security content of macOS Sonoma 14.7.4
Product: macOS Sonoma
Version: 14.7.4
CVE: CVE-2025-43200
Component: Messages
Impact: A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Description: This issue was addresse
apple
CVE-2025-24154 | CRITICAL | CVSS 9.1 | v14.7.3 | 2025-01-27
CVE-2025-24154 [CRITICAL] CVE-2025-24154: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2025-24154
Component: WebContentFilter
Impact: An attacker may be able to cause unexpected system termination or corrupt kernel memory
Description: An out-of-bounds write was addressed with improved input validation.
apple
CVE-2025-24146 | CRITICAL | CVSS 9.8 | v14.7.3 | 2025-01-27
CVE-2025-24146 [CRITICAL] CVE-2025-24146: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2025-24146
Component: Photos Storage
Impact: Deleting a conversation in Messages may expose user contact information in system logging
Description: This issue was addressed with improved redaction of sensitive information.
apple
CVE-2025-24102 | CRITICAL | CVSS 9.8 | v14.7.3 | 2025-01-27
CVE-2025-24102 [CRITICAL] CVE-2025-24102: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2025-24102
Component: CoreRoutine
Impact: An app may be able to determine a user’s current location
Description: The issue was addressed with improved checks.
apple
CVE-2025-24093 | CRITICAL | CVSS 9.8 | v14.7.3 | 2025-01-27
CVE-2025-24093 [CRITICAL] CVE-2025-24093: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2025-24093
Component: Sandbox
Impact: An app may be able to access removable volumes without user consent
Description: A permissions issue was addressed with additional restrictions.
apple
CVE-2025-24156 | HIGH | CVSS 7.8 | v14.7.3 | 2025-01-27
CVE-2025-24156 [HIGH] CVE-2025-24156: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2025-24156
Component: Xsan
Impact: An app may be able to elevate privileges
Description: An integer overflow was addressed through improved input validation.
apple
CVE-2025-24118 | HIGH | CVSS 7.1 | v14.7.3 | 2025-01-27
CVE-2025-24118 [HIGH] CVE-2025-24118: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2025-24118
Component: Kernel
Impact: An app may be able to cause unexpected system termination or write kernel memory
Description: The issue was addressed with improved memory handling.
apple
CVE-2024-55549 | HIGH | CVSS 7.8 | v14.7.3 | 2025-01-27
CVE-2024-55549 [HIGH] CVE-2024-55549: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2024-55549
Component: LaunchServices
Impact: An app may be able to bypass Privacy preferences
Description: An access issue was addressed with additional sandbox restrictions.
apple
CVE-2025-24174 | HIGH | CVSS 7.7 | v14.7.3 | 2025-01-27
CVE-2025-24174 [HIGH] CVE-2025-24174: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2025-24174
Component: CoreRoutine
Impact: An app may be able to determine a user’s current location
Description: The issue was addressed with improved checks.
apple
CVE-2025-24159 | HIGH | CVSS 7.8 | v14.7.3 | 2025-01-27
CVE-2025-24159 [HIGH] CVE-2025-24159: macOS Sonoma 14.7.3
Apple Security Update: About the security content of macOS Sonoma 14.7.3
Product: macOS Sonoma
Version: 14.7.3
CVE: CVE-2025-24159
Component: Kernel
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A validation issue was addressed with improved logic.
apple