SB2025073055 - Multiple vulnerabilities in Apple macOS Ventura
Published: July 30, 2025 Updated: October 16, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 43 secuirty vulnerabilities.
1) Memory corruption (CVE-ID: CVE-2025-43193)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in SecurityAgent. A local application can cause a denial-of-service.
2) Information exposure through log files (CVE-ID: CVE-2025-43225)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to inclusion of sensitive information into a log file in Notes. A local application can access sensitive user data.
3) Permissions, privileges, and access controls (CVE-ID: CVE-2025-43266)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in NSSpellChecker. A local application can break out of its sandbox.
4) Permissions, privileges, and access controls (CVE-ID: CVE-2025-43247)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in PackageKit. A local application can trick the victim into opening a specially crafted file and modify the contents of system files.
5) Improper access control (CVE-ID: CVE-2025-43194)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions in PackageKit. A local application can modify protected parts of the file system.
6) Permissions, privileges, and access controls (CVE-ID: CVE-2025-43241)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in SceneKit. A local application can trick the victim into opening a specially crafted file and read files outside of its sandbox.
7) Improper limitation of a pathname to a restricted directory ('path traversal') (CVE-ID: CVE-2025-43250)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to incorrect handling of path names in SharedFileList. A local application can break out of its sandbox.
8) Improper access control (CVE-ID: CVE-2025-43197)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in Single Sign-On. A local application can access sensitive user data.
9) Memory corruption (CVE-ID: CVE-2025-43239)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in sips. A local application can trick the victim into opening a specially crafted file and perform unexpected app termination.
10) Permissions, privileges, and access controls (CVE-ID: CVE-2025-43243)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in Software Update. A local application can modify protected parts of the file system.
11) Improper limitation of a pathname to a restricted directory ('path traversal') (CVE-ID: CVE-2025-43206)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to incorrect handling of path names in System Settings. A local application can trick the victim into opening a specially crafted file and access protected user data.
12) Exposure of sensitive information to an unauthorized actor (CVE-ID: CVE-2025-43259)
The vulnerability allows an attacker with physical access to the system to gain access to sensitive information.
The vulnerability exists due to excessive data output in WindowServer. An attacker with physical access to the system can view sensitive user information.
13) Improper input validation (CVE-ID: CVE-2025-43238)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation in Xsan. A local application can cause unexpected system termination.
14) Improper access control (CVE-ID: CVE-2025-43270)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in Notes. A local application can Local Network.
15) Improper limitation of a pathname to a restricted directory ('path traversal') (CVE-ID: CVE-2025-43196)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to incorrect handling of path names in libxpc. A local application can gain root privileges.
16) Improper limitation of a pathname to a restricted directory ('path traversal') (CVE-ID: CVE-2025-43191)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect handling of path names in Admin Framework. A local application can cause a denial-of-service.
17) Improper input validation (CVE-ID: CVE-2025-43199)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to insufficient input validation in Core Services. A local application can gain root privileges.
18) Memory corruption (CVE-ID: CVE-2025-43186)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in afclip. A remote attacker can trick the victim into opening a specially crafted file and perform an unexpected app termination.
19) State issues (CVE-ID: CVE-2025-43244)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a state management issue in AMD. A local application can cause unexpected system termination.
20) Permissions, privileges, and access controls (CVE-ID: CVE-2025-31243)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in AppleMobileFileIntegrity. A local application can gain root privileges.
21) Improper access control (CVE-ID: CVE-2025-43249)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions in AppleMobileFileIntegrity. A local application can gain root privileges.
22) Cryptographic issues (CVE-ID: CVE-2025-43245)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a cryptographic issue in AppleMobileFileIntegrity. A local application can access protected user data.
23) Use-after-free (CVE-ID: CVE-2025-43222)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in the CFNetwork component. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
24) Improper input validation (CVE-ID: CVE-2025-43223)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient input validation in CFNetwork. A local user can modify restricted network settings.
25) Improper link resolution before file access ('link following') (CVE-ID: CVE-2025-43220)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to insecure symbolic link following in copyfile. A local application can access protected user data.
26) Memory corruption (CVE-ID: CVE-2025-43210)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in CoreMedia. A local application can trick the victim into opening a specially crafted file and perform unexpected app termination or corrupt process memory.
27) Improper input validation (CVE-ID: CVE-2025-43195)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to insufficient input validation in CoreServices. A local application can access sensitive user data.
28) OS Command Injection (CVE-ID: CVE-2025-43187)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper input validation. A local user can run the hdiutil command to execute arbitrary code on the system.
29) Improper input validation (CVE-ID: CVE-2025-43254)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation in file. A local application can trick the victim into opening a specially crafted file and perform unexpected app termination.
30) Improper access control (CVE-ID: CVE-2025-43261)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions in File Bookmark. A local application can break out of its sandbox.
31) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2025-31279)
The vulnerability allows a local application to fingerprint the user.
The vulnerability exists due to improperly imposed security restrictions in Find My feature. A local application can gain access to sensitive information.
32) Memory corruption (CVE-ID: CVE-2025-43255)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in GPU Drivers. A local application can cause unexpected system termination.
33) Memory corruption (CVE-ID: CVE-2025-43209)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in ICU. A remote attacker can trick the victim into opening a specially crafted file and perform an unexpected Safari crash.
34) Input validation error (CVE-ID: CVE-2025-24224)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the OS kernel. A local application can perform a denial of service (DoS) attack.
35) State Issues (CVE-ID: CVE-2025-24119)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a state management issue in the Finder application. A local app can execute arbitrary code out of its sandbox or with certain elevated privileges.
36) Race condition (CVE-ID: CVE-2025-43275)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a race condition in NetAuth. A local application can exploit the race and break out of its sandbox.
37) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2025-43232)
The vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions in PackageKit. A local application can bypass certain Privacy preferences.
38) Type confusion (CVE-ID: CVE-2025-43236)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion error in Power Management. A local user can trigger a type confusion error and perform a denial of service (DoS) attack.
39) Information disclosure (CVE-ID: CVE-2025-43233)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to improperly imposed security restrictions within the Security component. A local application acting as a HTTPS proxy can get access to sensitive user data.
40) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2025-43184)
The vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to a missing consent prompt in Shortcuts. An attacker can trick the victim into executing a specially crafted shortcut and bypass sensitive Shortcuts app settings.
41) Memory corruption (CVE-ID: CVE-2025-43284)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in GPU Drivers. A local application can cause unexpected system termination.
42) Improper access control (CVE-ID: CVE-2025-43313)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in CoreServices. A local application can access sensitive user data.
43) Resource management error (CVE-ID: CVE-2025-43282)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the OS kernel. A local application can cause unexpected system termination.
Remediation
Install update from vendor's website.