CVE-2025-43353

Summary

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. Processing a maliciously crafted string may lead to heap corruption.

Affected Software

VendorProductVersion RangeStatus
ApplemacOS0 < 14.8affected
ApplemacOS0 < 15.7affected
ApplemacOS0 < 26affected

Weaknesses

  • Processing a maliciously crafted string may lead to heap corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References