Update

Fixed: An app may be able to gain root privileges

macOS Sonoma 14.8.3
Released December 12, 2025

AppleJPEG
Available for: macOS Sonoma
Impact: Processing a file may lead to memory corruption
Description: The issue was addressed with improved bounds checks.
CVE-2025-43539: Michael Reeves (@IntegralPilot)

AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-43519: an anonymous researcher

AppSandbox
Available for: macOS Sonoma
Impact: An app may be able to access protected user data
Description: A logic issue was addressed with improved file handling.
CVE-2025-46289: an anonymous researcher

Audio
Available for: macOS Sonoma
Impact: An app may be able to cause a denial-of-service
Description: The issue was addressed with improved input validation.
CVE-2025-43482: Michael Reeves (@IntegralPilot), Jex Amro

Call History
Available for: macOS Sonoma
Impact: An app may be able to access protected user data
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2025-43517: Wojciech Regula of SecuRing (wojciechregula.blog)

Call History
Available for: macOS Sonoma
Impact: An attacker may be able to spoof their FaceTime caller ID
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2025-46287: an anonymous researcher, Riley Walz

curl
Available for: macOS Sonoma
Impact: Multiple issues in curl
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2024-7264
CVE-2025-9086

Foundation
Available for: macOS Sonoma
Impact: An app may be able to inappropriately access files through the spellcheck API
Description: A logic issue was addressed with improved checks.
CVE-2025-43518: Noah Gregory (wts.dev)

Foundation
Available for: macOS Sonoma
Impact: Processing malicious data may lead to unexpected app termination
Description: A memory corruption issue was addressed with improved bounds checking.
CVE-2025-43532: Andrew Calvano and Lucas Pinheiro of Meta Product Security

Kernel
Available for: macOS Sonoma
Impact: An app may be able to elevate privileges
Description: A logic issue was addressed with improved checks.
CVE-2025-43512: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs

Kernel
Available for: macOS Sonoma
Impact: An app may be able to gain root privileges
Description: An integer overflow was addressed by adopting 64-bit timestamps.
CVE-2025-46285: Kaitao Xie and Xiaolong Bai of Alibaba Group

libarchive
Available for: macOS Sonoma
Impact: Processing a file may lead to memory corruption
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2025-5918

MDM Configuration Tools
Available for: macOS Sonoma
Impact: An app may be able to read sensitive location information
Description: A permissions issue was addressed by removing the vulnerable code.
CVE-2025-43513: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs

Messages
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: An information disclosure issue was addressed with improved privacy controls.
CVE-2025-46276: Rosyna Keller of Totally Not Malicious Software

Networking
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved data protection.
CVE-2025-43509: Haoling Zhou, Shixuan Zhao (@NSKernel), Chao Wang (@evi0s), Zhiqiang Lin from SecLab of The Ohio State University

Screen Time
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: A logging issue was addressed with improved data redaction.
CVE-2025-43538: Iván Savransky

SoftwareUpdate
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-43519: an anonymous researcher

StorageKit
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: A parsing issue in the handling of directory paths was addressed with improved path validation.
CVE-2025-43463: Mickey Jin (@patch1t), Amy (@asentientbot)

sudo
Available for: macOS Sonoma
Impact: An app may be able to access protected user data
Description: A logic issue was addressed with improved restrictions.
CVE-2025-43416: Gergely Kalman (@gergely_kalman)

Voice Control
Available for: macOS Sonoma
Impact: A user with Voice Control enabled may be able to transcribe another user's activity
Description: A session management issue was addressed with improved checks.
CVE-2025-43516: Kay Belardinelli (Harvard University)

VoiceOver
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved checks.
CVE-2025-43530: Mickey Jin (@patch1t)
