Apple Macos Sonoma vulnerabilities

CVE-2025-43190 [MEDIUM] CVE-2025-43190: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43190 Component: Spell Check Impact: An app may be able to access sensitive user data Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-43332 [MEDIUM] CVE-2025-43332: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43332 Component: Security Initialization Impact: An app may be able to break out of its sandbox Description: A file quarantine bypass was addressed with additional checks.

CVE-2025-43302 [MEDIUM] CVE-2025-43302: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43302 Component: IOHIDFamily Impact: An app may be able to cause unexpected system termination Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2025-43367 [MEDIUM] CVE-2025-43367: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43367 Component: Siri Impact: An app may be able to access protected user data Description: A privacy issue was addressed by moving sensitive data.

CVE-2025-43308 [MEDIUM] CVE-2025-43308: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43308 Component: Touch Bar Controls Impact: An app may be able to access sensitive user data Description: This issue was addressed with additional entitlement checks.

CVE-2025-43321 [MEDIUM] CVE-2025-43321: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43321 Component: AppKit Impact: An app may be able to access protected user data Description: The issue was resolved by blocking unsigned services from launching on Intel Macs.

CVE-2025-43311 [MEDIUM] CVE-2025-43311: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43311 Component: Touch Bar Impact: An app may be able to access protected user data Description: This issue was addressed with additional entitlement checks.

CVE-2025-43299 [MEDIUM] CVE-2025-43299: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43299 Component: LaunchServices Impact: An app may be able to access user-sensitive data Description: A logic issue was addressed with improved checks.

CVE-2025-43355 [MEDIUM] CVE-2025-43355: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43355 Component: MobileStorageMounter Impact: An app may be able to cause a denial-of-service Description: A type confusion issue was addressed with improved memory handling.

CVE-2025-43345 [MEDIUM] CVE-2025-43345: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43345 Component: Kernel Impact: An app may be able to access sensitive user data Description: A correctness issue was addressed with improved checks.

CVE-2025-43293 [MEDIUM] CVE-2025-43293: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43293 Component: SharedFileList Impact: An app may be able to access sensitive user data Description: The issue was addressed with improved input validation.

CVE-2025-43315 [MEDIUM] CVE-2025-43315: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43315 Component: MigrationKit Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code.

CVE-2025-31268 [MEDIUM] CVE-2025-31268: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-31268 Impact: An app may be able to access protected user data Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43349 [LOW] CVE-2025-43349: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43349 Component: CoreAudio Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2025-43301 [LOW] CVE-2025-43301: macOS Sonoma 14.8 Apple Security Update: About the security content of macOS Sonoma 14.8 Product: macOS Sonoma Version: 14.8 CVE: CVE-2025-43301 Component: Notification Center Impact: An app may be able to access contact info related to notifications in Notification Center Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2025-43300 [CRITICAL] CVE-2025-43300: macOS Sonoma 14.7.8 Apple Security Update: About the security content of macOS Sonoma 14.7.8 Product: macOS Sonoma Version: 14.7.8 CVE: CVE-2025-43300 Component: ImageIO Impact: Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. Description: An out-of-bounds write issue was addressed with improved

CVE-2025-43232 [CRITICAL] CVE-2025-43232: macOS Sonoma 14.7.7 Apple Security Update: About the security content of macOS Sonoma 14.7.7 Product: macOS Sonoma Version: 14.7.7 CVE: CVE-2025-43232 Component: PackageKit Impact: An app may be able to bypass certain Privacy preferences Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43198 [CRITICAL] CVE-2025-43198: macOS Sonoma 14.7.7 Apple Security Update: About the security content of macOS Sonoma 14.7.7 Product: macOS Sonoma Version: 14.7.7 CVE: CVE-2025-43198 Component: Dock Impact: An app may be able to access protected user data Description: This issue was addressed by removing the vulnerable code.

CVE-2025-43184 [CRITICAL] CVE-2025-43184: macOS Sonoma 14.7.7 Apple Security Update: About the security content of macOS Sonoma 14.7.7 Product: macOS Sonoma Version: 14.7.7 CVE: CVE-2025-43184 Component: Shortcuts Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2025-43192 [CRITICAL] CVE-2025-43192: macOS Sonoma 14.7.7 Apple Security Update: About the security content of macOS Sonoma 14.7.7 Product: macOS Sonoma Version: 14.7.7 CVE: CVE-2025-43192 Component: Managed Configuration Impact: Account-driven User Enrollment may still be possible with Lockdown Mode turned on Description: A configuration issue was addressed with additional restrictions.