Apple macOS Sonoma vulnerabilities
959 known vulnerabilities affecting apple/macos_sonoma.
Total CVEs: 959
CISA KEV: 11 (actively exploited)
Public exploits: 3
Exploited in wild: 6
Severity breakdown: CRITICAL 73, HIGH 289, MEDIUM 533, LOW 63, UNKNOWN 1
Vulnerabilities
Page 6 of 48
CVE-2025-43468 | MEDIUM | CVSS 5.5 | v14.8.2 | 2025-11-03
CVE-2025-43468 [MEDIUM] CVE-2025-43468: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43468
Component: AppleMobileFileIntegrity
Impact: An app may be able to access sensitive user data
Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.
apple
CVE-2025-43477 | MEDIUM | CVSS 5.5 | v14.8.2 | 2025-11-03
CVE-2025-43477 [MEDIUM] CVE-2025-43477: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43477
Component: Siri
Impact: An app may be able to access sensitive user data
Description: A privacy issue was addressed with improved private data redaction for log entries.
apple
CVE-2025-43412 | MEDIUM | CVSS 6.3 | v14.8.2 | 2025-11-03
CVE-2025-43412 [MEDIUM] CVE-2025-43412: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43412
Component: TCC
Impact: An app may be able to break out of its sandbox
Description: A file quarantine bypass was addressed with additional checks.
apple
CVE-2025-31199 | MEDIUM | CVSS 5.5 | v14.8.2 | 2025-11-03
CVE-2025-31199 [MEDIUM] CVE-2025-31199: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-31199
Component: Spotlight
Impact: An app may be able to access sensitive user data
Description: A logging issue was addressed with improved data redaction.
apple
CVE-2025-43336 | MEDIUM | CVSS 4.4 | v14.8.2 | 2025-11-03
CVE-2025-43336 [MEDIUM] CVE-2025-43336: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43336
Component: SoftwareUpdate
Impact: An app with root privileges may be able to access private information
Description: A permissions issue was addressed with additional restrictions.
apple
CVE-2025-43391 | MEDIUM | CVSS 5.5 | v14.8.2 | 2025-11-03
CVE-2025-43391 [MEDIUM] CVE-2025-43391: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43391
Component: Photos
Impact: An app may be able to access sensitive user data
Description: A privacy issue was addressed with improved handling of temporary files.
apple
CVE-2025-43398 | MEDIUM | CVSS 5.5 | v14.8.2 | 2025-11-03
CVE-2025-43398 [MEDIUM] CVE-2025-43398: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43398
Component: Kernel
Impact: An app may be able to cause unexpected system termination
Description: The issue was addressed with improved memory handling.
apple
CVE-2025-43445 | MEDIUM | CVSS 4.3 | v14.8.2 | 2025-11-03
CVE-2025-43445 [MEDIUM] CVE-2025-43445: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43445
Component: CoreText
Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory
Description: An out-of-bounds read was addressed with improved input validation.
apple
CVE-2025-6442 | MEDIUM | CVSS 5.9 | v14.8.2 | 2025-11-03
CVE-2025-6442 [MEDIUM] CVE-2025-6442: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-6442
Component: CVE-2025-6442
apple
CVE-2025-43389 | MEDIUM | CVSS 5.5 | v14.8.2 | 2025-11-03
CVE-2025-43389 [MEDIUM] CVE-2025-43389: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43389
Component: Notes
Impact: An app may be able to access sensitive user data
Description: A privacy issue was addressed by removing the vulnerable code.
apple
CVE-2025-43395 | LOW | CVSS 3.3 | v14.8.2 | 2025-11-03
CVE-2025-43395 [LOW] CVE-2025-43395: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43395
Component: CloudKit
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved validation of symlinks.
apple
CVE-2025-43410 | LOW | CVSS 2.4 | v14.8.2 | 2025-11-03
CVE-2025-43410 [LOW] CVE-2025-43410: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43410
Component: Notes
Impact: An attacker with physical access may be able to view deleted notes
Description: The issue was addressed with improved handling of caches.
apple
CVE-2025-43408 | LOW | CVSS 2.4 | v14.8.2 | 2025-11-03
CVE-2025-43408 [LOW] CVE-2025-43408: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-43408
Component: Share Sheet
Impact: An attacker with physical access may be able to access contacts from the lock screen
Description: This issue was addressed by restricting options offered on a locked device.
apple
CVE-2025-43400 | MEDIUM | CVSS 6.3 | v14.8.1 | 2025-09-29
CVE-2025-43400 [MEDIUM] CVE-2025-43400: macOS Sonoma 14.8.1
Apple Security Update: About the security content of macOS Sonoma 14.8.1
Product: macOS Sonoma
Version: 14.8.1
CVE: CVE-2025-43400
Component: FontParser
Impact: Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory
Description: An out-of-bounds write issue was addressed with improved bounds checking.
apple
CVE-2025-43359 | CRITICAL | CVSS 9.8 | v14.8 | 2025-09-15
CVE-2025-43359 [CRITICAL] CVE-2025-43359: macOS Sonoma 14.8
Apple Security Update: About the security content of macOS Sonoma 14.8
Product: macOS Sonoma
Version: 14.8
CVE: CVE-2025-43359
Component: Kernel
Impact: A UDP server socket bound to a local interface may become bound to all interfaces
Description: A logic issue was addressed with improved state management.
apple
CVE-2025-31255 | CRITICAL | CVSS 9.8 | v14.8 | 2025-09-15
CVE-2025-31255 [CRITICAL] CVE-2025-31255: macOS Sonoma 14.8
Apple Security Update: About the security content of macOS Sonoma 14.8
Product: macOS Sonoma
Version: 14.8
CVE: CVE-2025-31255
Component: IOKit
Impact: An app may be able to access sensitive user data
Description: An authorization issue was addressed with improved state management.
apple
CVE-2024-27280 | CRITICAL | CVSS 9.8 | v14.8 | 2025-09-15
CVE-2024-27280 [CRITICAL] CVE-2024-27280: macOS Sonoma 14.8
Apple Security Update: About the security content of macOS Sonoma 14.8
Product: macOS Sonoma
Version: 14.8
CVE: CVE-2024-27280
Component: CVE-2024-27280
apple
CVE-2025-43273 | CRITICAL | CVSS 9.1 | v14.8 | 2025-09-15
CVE-2025-43273 [CRITICAL] CVE-2025-43273: macOS Sonoma 14.8
Apple Security Update: About the security content of macOS Sonoma 14.8
Product: macOS Sonoma
Version: 14.8
CVE: CVE-2025-43273
Component: CoreMedia
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A permissions issue was addressed with additional sandbox restrictions.
apple
CVE-2025-43358 | HIGH | CVSS 8.8 | v14.8 | 2025-09-15
CVE-2025-43358 [HIGH] CVE-2025-43358: macOS Sonoma 14.8
Apple Security Update: About the security content of macOS Sonoma 14.8
Product: macOS Sonoma
Version: 14.8
CVE: CVE-2025-43358
Component: Shortcuts
Impact: A shortcut may be able to bypass sandbox restrictions
Description: A permissions issue was addressed with additional sandbox restrictions.
apple
CVE-2025-43364 | HIGH | CVSS 7.8 | v14.8 | 2025-09-15
CVE-2025-43364 [HIGH] CVE-2025-43364: macOS Sonoma 14.8
Apple Security Update: About the security content of macOS Sonoma 14.8
Product: macOS Sonoma
Version: 14.8
CVE: CVE-2025-43364
Component: NetFSFramework
Impact: An app may be able to break out of its sandbox
Description: A race condition was addressed with additional validation.
apple