CVE-2025-43239
BaseFortify
Publication date: 2025-07-30
Last updated on: 2025-11-03
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | macos | to 13.7.7 (exc) |
| apple | macos | From 14.0 (inc) to 14.7.7 (exc) |
| apple | macos | From 15.0 (inc) to 15.6 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds access issue that occurs due to insufficient bounds checking. It can be triggered by processing a maliciously crafted file, which may cause an application to terminate unexpectedly. The issue has been fixed in specific versions of macOS (Sequoia 15.6, Sonoma 14.7.7, Ventura 13.7.7).
How can this vulnerability impact me? :
If exploited, this vulnerability can cause applications to terminate unexpectedly when processing malicious files, potentially leading to denial of service or disruption of normal operations.
What immediate steps should I take to mitigate this vulnerability?
Apply the security updates provided by Apple for macOS Sequoia 15.6, macOS Sonoma 14.7.7, or macOS Ventura 13.7.7 to fix the out-of-bounds access issue and prevent unexpected app termination caused by processing maliciously crafted files.