About the security content of macOS Sonoma 14.8

This document describes the security content of macOS Sonoma 14.8.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

macOS Sonoma 14.8

Released September 15, 2025

AMD

Available for: macOS Sonoma

Impact: An app may be able to cause unexpected system termination

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2025-43312: ABC Research s.r.o.

AppKit

Available for: macOS Sonoma

Impact: An app may be able to access protected user data

Description: The issue was resolved by blocking unsigned services from launching on Intel Macs.

CVE-2025-43321: Mickey Jin (@patch1t)

Apple Online Store Kit

Available for: macOS Sonoma

Impact: An app may be able to access protected user data

Description: A permissions issue was addressed with additional restrictions.

CVE-2025-31268: Csaba Fitzl (@theevilbit) and Nolan Astrein of Kandji

AppSandbox

Available for: macOS Sonoma

Impact: An app may be able to access protected user data

Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43285: Zhongquan Li (@Guluisacat), Mickey Jin (@patch1t)

CoreAudio

Available for: macOS Sonoma

Impact: Processing a maliciously crafted video file may lead to unexpected app termination

Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2025-43349: @zlluny working with Trend Zero Day Initiative

CoreAudio

Available for: macOS Sonoma

Impact: Processing a maliciously crafted audio file may lead to memory corruption

Description: The issue was addressed with improved memory handling.

CVE-2025-43277: Google's Threat Analysis Group

CoreMedia

Available for: macOS Sonoma

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: A permissions issue was addressed with additional sandbox restrictions.

CVE-2025-43273: Seo Hyun-gyu (@wh1te4ever), Minghao Lin (@Y1nKoc), 风 (binaryfmyy), BochengXiang(@Crispr), and YingQi Shi (@Mas0nShi), Dora Orak

CoreServices

Available for: macOS Sonoma

Impact: A malicious app may be able to access private information

Description: A logic issue was addressed with improved checks.

CVE-2025-43305: an anonymous researcher, Mickey Jin (@patch1t)

GPU Drivers

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2025-43326: Wang Yu of Cyberserval

IOHIDFamily

Available for: macOS Sonoma

Impact: An app may be able to cause unexpected system termination

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2025-43302: Keisuke Hosoda

IOKit

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: An authorization issue was addressed with improved state management.

CVE-2025-31255: Csaba Fitzl (@theevilbit) of Kandji

Kernel

Available for: macOS Sonoma

Impact: A UDP server socket bound to a local interface may become bound to all interfaces

Description: A logic issue was addressed with improved state management.

CVE-2025-43359: Viktor Oreshkin

LaunchServices

Available for: macOS Sonoma

Impact: An app may be able to access user-sensitive data

Description: A logic issue was addressed with improved checks.

CVE-2025-43231: Mickey Jin (@patch1t), Kirin@Pwnrin and LFY@secsys from Fudan University, an anonymous researcher

libc

Available for: macOS Sonoma

Impact: An app may be able to cause a denial-of-service

Description: A denial-of-service issue was addressed with improved validation.

CVE-2025-43299: Nathaniel Oh (@calysteon)

CVE-2025-43295: Nathaniel Oh (@calysteon)

Libinfo

Available for: macOS Sonoma

Impact: Processing a maliciously crafted string may lead to heap corruption

Description: The issue was addressed with improved bounds checks.

CVE-2025-43353: Nathaniel Oh (@calysteon)

MediaLibrary

Available for: macOS Sonoma

Impact: An app may be able to access protected user data

Description: This issue was addressed by removing the vulnerable code.

CVE-2025-43319: Hikerell (Loadshine Lab)

MigrationKit

Available for: macOS Sonoma

Impact: An app may be able to access user-sensitive data

Description: This issue was addressed by removing the vulnerable code.

CVE-2025-43315: Rodolphe Brunetti (@eisw0lf) of Lupus Nova

MobileStorageMounter

Available for: macOS Sonoma

Impact: An app may be able to cause a denial-of-service

Description: A type confusion issue was addressed with improved memory handling.

CVE-2025-43355: Dawuge of Shuffle Team

Notification Center

Available for: macOS Sonoma

Impact: An app may be able to access contact info related to notifications in Notification Center

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2025-43301: LFY@secsys from Fudan University

PackageKit

Available for: macOS Sonoma

Impact: An app may be able to gain root privileges

Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-43298: an anonymous researcher

Perl

Available for: macOS Sonoma

Impact: Multiple issues in Perl

Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.

CVE-2025-40909

Printing

Available for: macOS Sonoma

Impact: An app may be able to access protected user data

Description: A permissions issue was addressed with additional restrictions.

CVE-2025-31269: Zhongcheng Li from IES Red Team of ByteDance

Ruby

Available for: macOS Sonoma

Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents

Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.

CVE-2024-27280

Screenshots

Available for: macOS Sonoma

Impact: An app may be able to capture a screenshot of an app entering or exiting full screen mode

Description: A privacy issue was addressed with improved checks.

CVE-2025-31259: an anonymous researcher

Security Initialization

Available for: macOS Sonoma

Impact: An app may be able to break out of its sandbox

Description: A file quarantine bypass was addressed with additional checks.

CVE-2025-43332: an anonymous researcher

SharedFileList

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: The issue was addressed with improved input validation.

CVE-2025-43293: an anonymous researcher

SharedFileList

Available for: macOS Sonoma

Impact: An app may be able to modify protected parts of the file system

Description: A permissions issue was addressed by removing the vulnerable code.

CVE-2025-43291: Ye Zhang of Baidu Security

SharedFileList

Available for: macOS Sonoma

Impact: An app may be able to break out of its sandbox

Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43286: pattern-f (@pattern_F_), @zlluny

Shortcuts

Available for: macOS Sonoma

Impact: A shortcut may be able to bypass sandbox restrictions

Description: A permissions issue was addressed with additional sandbox restrictions.

CVE-2025-43358: 정답이 아닌 해답

Siri

Available for: macOS Sonoma

Impact: An app may be able to access protected user data

Description: A privacy issue was addressed by moving sensitive data.

CVE-2025-43367: Kirin (@Pwnrin), Cristian Dinca of "Tudor Vianu" National High School of Computer Science, Romania

Spell Check

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-43190: Noah Gregory (wts.dev)

Spotlight

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: A logic issue was addressed with improved checks.

CVE-2025-24197: Rodolphe Brunetti (@eisw0lf) of Lupus Nova

Storage

Available for: macOS Sonoma

Impact: An app may be able to gain root privileges

Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43341: an anonymous researcher

StorageKit

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-43314: Mickey Jin (@patch1t)

StorageKit

Available for: macOS Sonoma

Impact: An app may be able to gain root privileges

Description: A race condition was addressed with improved state handling.

CVE-2025-43304: Mickey Jin (@patch1t)

Touch Bar

Available for: macOS Sonoma

Impact: An app may be able to access protected user data

Description: This issue was addressed with additional entitlement checks.

CVE-2025-43311: an anonymous researcher, Justin Elliot Fu

Touch Bar Controls

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: This issue was addressed with additional entitlement checks.

CVE-2025-43308: an anonymous researcher

WindowServer

Available for: macOS Sonoma

Impact: An app may be able to trick a user into copying sensitive data to the pasteboard

Description: A configuration issue was addressed with additional restrictions.

CVE-2025-43310: an anonymous researcher

Additional recognition

Airport

We would like to acknowledge Csaba Fitzl (@theevilbit) of Kandji for their assistance.

libpthread

We would like to acknowledge Nathaniel Oh (@calysteon) for their assistance.

libxml2

We would like to acknowledge Nathaniel Oh (@calysteon), Sergei Glazunov of Google Project Zero for their assistance.

SharedFileList

We would like to acknowledge Ye Zhang of Baidu Security for their assistance.

Wi-Fi

We would like to acknowledge Csaba Fitzl (@theevilbit) of Kandji, Noah Gregory (wts.dev), Wojciech Regula of SecuRing (wojciechregula.blog), an anonymous researcher for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

പ്രസിദ്ധീകരിച്ച തീയതി: