{"id":8186,"date":"2025-11-05T04:00:24","date_gmt":"2025-11-05T04:00:24","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/11\/05\/32448\/"},"modified":"2025-11-05T04:00:24","modified_gmt":"2025-11-05T04:00:24","slug":"32448","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/11\/05\/32448\/","title":{"rendered":"Apple Patches Everything, Again, (Tue, Nov 4th)"},"content":{"rendered":"<p>    Apple Patches Everything, Again, (Tue, Nov 4th)<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>Apple released its expected set of operating system upgrades. This is a minor feature upgrade that also includes fixes for 110 different vulnerabilities. As usual for Apple, many of the vulnerabilities affect multiple operating systems. None of the vulnerabilities is marked as already exploited. Apple only offers very sparse vulnerability descriptions. Here are some vulnerabilities that may be worth watching:<\/p>\n<p>CVE-2025-43338, CVE-2025-43372: A memory corruption vulnerability in ImageIO. ImageIO is responsible for rendering images, and vulnerabilities like this have been exploited in the past for remote code execution.\u00a0CVE-2025-43400, a vulnerability affecting FontParser, could have a similar impact.<\/p>\n<p>CVE-2025-43431: A memory corruption issue in WebKit. This could be used to execute code via Safari.<\/p>\n<p>\u00a0<\/p>\n<table class=\"datatable\">\n<thead>\n<tr>\n<th>iOS 26.1 and iPadOS 26.1<\/th>\n<th>macOS Tahoe 26.1<\/th>\n<th>macOS Sequoia 15.7.2<\/th>\n<th>macOS Sonoma 14.8.2<\/th>\n<th>tvOS 26.1<\/th>\n<th>watchOS 26.1<\/th>\n<th>visionOS 26.1<\/th>\n<th>Safari 26.1<\/th>\n<th>Xcode 26.1<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-31199:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Spotlight<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43292:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects CoreMedia<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43294:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects MallocStackLogging<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43322:<\/b> An app may be able to access user-sensitive data.<br \/>\n\t\t\tAffects Admin Framework<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43334:<\/b> An app may be able to access user-sensitive data.<br \/>\n\t\t\tAffects sudo<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43335:<\/b> An app may be able to access user-sensitive data.<br \/>\n\t\t\tAffects Security<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43336:<\/b> An app with root privileges may be able to access private information.<br \/>\n\t\t\tAffects SoftwareUpdate<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43337:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43338:<\/b> Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.<br \/>\n\t\t\tAffects ImageIO<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43348:<\/b> An app may bypass Gatekeeper checks.<br \/>\n\t\t\tAffects Finder<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43350:<\/b> An attacker may be able to view restricted content from the lock screen.<br \/>\n\t\t\tAffects Control Center<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43351:<\/b> An app may be able to access protected user data.<br \/>\n\t\t\tAffects StorageKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43361:<\/b> A malicious app may be able to read kernel memory.<br \/>\n\t\t\tAffects Audio<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43364:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects NetFSFramework<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43372:<\/b> Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.<br \/>\n\t\t\tAffects ImageIO<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43373:<\/b> An app may be able to cause unexpected system termination or corrupt kernel memory.<br \/>\n\t\t\tAffects Wi-Fi<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43377:<\/b> An app may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects Model I\/O<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43378:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43379:<\/b> An app may be able to access protected user data.<br \/>\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43380:<\/b> Parsing a file may lead to an unexpected app termination.<br \/>\n\t\t\tAffects sips<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43381:<\/b> A malicious app may be able to delete protected user data.<br \/>\n\t\t\tAffects CoreServicesUIAgent<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43382:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43383:<\/b> Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.<br \/>\n\t\t\tAffects Model I\/O<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43384:<\/b> Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.<br \/>\n\t\t\tAffects Model I\/O<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43387:<\/b> A malicious app may be able to gain root privileges.<br \/>\n\t\t\tAffects DiskArbitration<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43389:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Notes<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43390:<\/b> An app may be able to access user-sensitive data.<br \/>\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43391:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Photos<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43392:<\/b> A website may exfiltrate image data cross-origin.<br \/>\n\t\t\tAffects WebKit Canvas<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43393:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects quarantine<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43394:<\/b> An app may be able to access protected user data.<br \/>\n\t\t\tAffects bootp<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43395:<\/b> An app may be able to access protected user data.<br \/>\n\t\t\tAffects configd<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43396:<\/b> A sandboxed app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Installer<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43397:<\/b> An app may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects SoftwareUpdate<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43398:<\/b> An app may be able to cause unexpected system termination.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43399:<\/b> An app may be able to access protected user data.<br \/>\n\t\t\tAffects Siri<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43400:<\/b> Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory.<br \/>\n\t\t\tAffects FontParser<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43401:<\/b> A remote attacker may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects CoreAnimation<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43402:<\/b> An app may be able to cause unexpected system termination or corrupt process memory.<br \/>\n\t\t\tAffects WindowServer<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43404:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Sandbox<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43405:<\/b> An app may be able to access user-sensitive data.<br \/>\n\t\t\tAffects Photos<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43406:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Sandbox<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43407:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects Assets<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43408:<\/b> An attacker with physical access may be able to access contacts from the lock screen.<br \/>\n\t\t\tAffects Share Sheet<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43409:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Spotlight<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43411:<\/b> An app may be able to access user-sensitive data.<br \/>\n\t\t\tAffects PackageKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43412:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects TCC<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43413:<\/b> A sandboxed app may be able to observe system-wide network connections.<br \/>\n\t\t\tAffects libxpc<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43414:<\/b> A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.<br \/>\n\t\t\tAffects Shortcuts<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43420:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Dock<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43421:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43422:<\/b> An attacker with physical access to a device may be able to disable Stolen Device Protection.<br \/>\n\t\t\tAffects Stolen Device Protection<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43423:<\/b> An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive user information in system logging.<br \/>\n\t\t\tAffects Audio<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43424:<\/b> A malicious HID device may cause an unexpected process crash.<br \/>\n\t\t\tAffects Multi-Touch<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43425:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43426:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Contacts<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43427:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43429:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43430:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43431:<\/b> Processing maliciously crafted web content may lead to memory corruption.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43432:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43434:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43436:<\/b> An app may be able to enumerate a user&#8217;s installed apps.<br \/>\n\t\t\tAffects CoreServices<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43439:<\/b> An app may be able to fingerprint the user.<br \/>\n\t\t\tAffects On-device Intelligence<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43440:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43442:<\/b> An app may be able to identify what other apps a user has installed.<br \/>\n\t\t\tAffects Accessibility<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43443:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43444:<\/b> An app may be able to fingerprint the user.<br \/>\n\t\t\tAffects Installer<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43445:<\/b> Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.<br \/>\n\t\t\tAffects CoreText<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43446:<\/b> An app may be able to modify protected parts of the file system.<br \/>\n\t\t\tAffects Assets<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43448:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects CloudKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43449:<\/b> A malicious app may be able to track users between installs.<br \/>\n\t\t\tAffects Apple TV Remote<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43450:<\/b> An app may be able to learn information about the current camera view before being granted camera access.<br \/>\n\t\t\tAffects Camera<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43452:<\/b> Keyboard suggestions may display sensitive information on the lock screen.<br \/>\n\t\t\tAffects Text Input<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43454:<\/b> A device may persistently fail to lock.<br \/>\n\t\t\tAffects Siri<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43455:<\/b> A malicious app may be able to take a screenshot of sensitive information in embedded views.<br \/>\n\t\t\tAffects Apple Account<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43459:<\/b> An attacker with physical access to a locked Apple Watch may be able to view Live Voicemail.<br \/>\n\t\t\tAffects Phone<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43460:<\/b> An attacker with physical access to a locked device may be able to view sensitive user information.<br \/>\n\t\t\tAffects Status Bar<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43461:<\/b> An app may be able to access protected user data.<br \/>\n\t\t\tAffects configd<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43462:<\/b> An app may be able to cause unexpected system termination or corrupt kernel memory.<br \/>\n\t\t\tAffects Apple Neural Engine<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43463:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects StorageKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43464:<\/b> Visiting a website may lead to an app denial-of-service.<br \/>\n\t\t\tAffects dyld<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43465:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects ATS<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43466:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43467:<\/b> An app may be able to gain root privileges.<br \/>\n\t\t\tAffects Installer<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43468:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43469:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects NSSpellChecker<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43471:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Admin Framework<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43472:<\/b> An app may be able to gain root privileges.<br \/>\n\t\t\tAffects zsh<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43473:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Shortcuts<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43474:<\/b> An app may be able to cause unexpected system termination or read kernel memory.<br \/>\n\t\t\tAffects GPU Drivers<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43476:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects SharedFileList<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43477:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Siri<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43478:<\/b> An app may be able to cause unexpected system termination.<br \/>\n\t\t\tAffects ASP TCP<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43479:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects CoreServices<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43480:<\/b> A malicious website may exfiltrate data cross-origin.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43481:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects Disk Images<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43493:<\/b> Visiting a malicious website may lead to address bar spoofing.<br \/>\n\t\t\tAffects Safari<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43495:<\/b> An app may be able to monitor keystrokes without user permission.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43496:<\/b> Remote content may be loaded even when the &#8216;Load Remote Images&#8217; setting is turned off.<br \/>\n\t\t\tAffects Mail Drafts<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43497:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects BackBoardServices<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43498:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects FileProvider<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43499:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Shortcuts<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43500:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Sandbox Profiles<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43502:<\/b> An app may be able to bypass certain Privacy preferences.<br \/>\n\t\t\tAffects Safari<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43503:<\/b> Visiting a malicious website may lead to user interface spoofing.<br \/>\n\t\t\tAffects Safari<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43504:<\/b> A user in a privileged network position may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects lldb<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43505:<\/b> Processing a maliciously crafted file may lead to heap corruption.<br \/>\n\t\t\tAffects GNU<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43506:<\/b> iCloud Private Relay may not activate when more than one user is logged in at the same time.<br \/>\n\t\t\tAffects Networking<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"9\">\n<b>CVE-2025-43507:<\/b> An app may be able to fingerprint the user.<br \/>\n\t\t\tAffects Find My<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&#8212;<br \/>\nJohannes B. Ullrich, Ph.D. , Dean of Research, <a href=\"https:\/\/sans.edu\/\">SANS.edu<\/a><br \/>\n<a href=\"https:\/\/jbu.me\/164\">Twitter<\/a>|<\/p>\n<p> (c) SANS Internet Storm Center. https:\/\/isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.<\/p><\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32448\">Go to isc.sans.edu<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apple Patches Everything, Again, (Tue, Nov 4th) Apple released its expected set of operating system upgrades. This is a minor feature upgrade that also includes fixes for 110 different vulnerabilities. As usual for Apple, many of the vulnerabilities affect multiple operating systems. None of the vulnerabilities is marked as already exploited. Apple only offers very [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[56],"tags":[69],"class_list":["post-8186","post","type-post","status-publish","format-standard","hentry","category-isc-sans-edu","tag-isc-sans-edu"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/8186"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=8186"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/8186\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=8186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=8186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=8186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}