CVE-2025-43320: Buffer Overflow
Published Sep 15, 2025
·Updated
AirPort. A permissions issue was addressed with additional restrictions.
Other sources
AMD. A buffer overflow was addressed with improved bounds checking.
— Apple
AppKit. The issue was resolved by blocking unsigned services from launching on Intel Macs.
— Apple
Apple Neural Engine. An out-of-bounds access issue was addressed with improved bounds checking.
— Apple
Apple Online Store Kit. A permissions issue was addressed with additional restrictions.
— Apple
AppleJPEG. The issue was addressed with improved bounds checks.
— Apple
Credit
Michael Reeves@@IntegralPilot, Claudio Bozzato(Cisco Talos), Francesco Benvenuto(Cisco Talos), an anonymous researcher, Jex Amro, Wojciech Regula(SecuRing), Riley Walz, CVE-2024-7264, CVE-2025-9086, Yiğit Ocak, Noah Gregory (wts.dev), Andrew Calvano(Meta Product Security), Lucas Pinheiro(Meta Product Security), Andreas Jaegersberger & Ro Achterberg(Nosebeard Labs), Kaitao Xie(Alibaba Group), Xiaolong Bai(Alibaba Group), CVE-2025-5918, Rosyna Keller(Totally Not Malicious Software), Haoling Zhou(SecLab of The Ohio State University), Shixuan Zhao@@NSKernel(SecLab of The Ohio State University), Chao Wang@@evi0s(SecLab of The Ohio State University), Zhiqiang Lin(SecLab of The Ohio State University), Mickey Jin@@patch1t, Amy@@asentientbot, Gergely Kalman@@gergely_kalman, Kay Belardinelli (Harvard University), Rodolphe BRUNETTI@@eisw0lf(Lupus Nova), Csaba Fitzl@@theevilbit(Kandji), Kirin@@Pwnrin, ABC Research s.r.o., Nolan Astrein(Kandji), Mickey Jin@@patch1t(Cisco Talos), Kirin@@Pwnrin(Cisco Talos), Zhongquan Li@@Guluisacat, Bilal Siddiqui, Hossein Lotfi@@hosselot(Trend Micro Zero Day Initiative), Dawuge(Shuffle Team), Guilherme Rambo(Best Buddy Apps), Yinyi Wu@@_3ndy1(Dawn Security Lab of JD), @@zlluny(Trend Micro Zero Day Initiative), 이동하 (Lee Dong Ha)(SSA Lab), Zhongcheng Li(IES Red Team of ByteDance), Matej Moravec@@MacejkoMoravec, Shantanu Thakur, Wang Yu(Cyberserval), Anonymous(Trend Micro Zero Day Initiative), Jian Lee@@speedyfriend433, Yiğit Can YILMAZ@@yilmazcanyigit, Keisuke Hosoda, Ye Zhang@@VAR10CK(Baidu Security), Viktor Oreshkin, Nathaniel Oh@@calysteon, Hikerell (Loadshine Lab), Rodolphe Brunetti@@eisw0lf(Lupus Nova), LFY@@secsys(Fudan University), CVE-2025-40909, @@zlluny, CVE-2024-27280, KPC(Cisco Talos), @@RenwaX23, Ye Zhang(Baidu Security), pattern-f@@pattern_F_, 정답이 아닌 해답, Kirin@@Pwnrin(Computer Science), Cristian Dinca(Computer Science), Romania, CVE-2025-6965, JZ, Seo Hyun-gyu@@wh1te4ever, Luke Roberts@@rookuu, Ferdous Saljooki@@malwarezoo(Jamf), Justin Elliot Fu, Pyrophoria(GrapheneOS), an anonymous researcher(GrapheneOS), James J Kalafus, Michel Migdal, ken super, Jaydev Ahire, Big Bear, Ignacio Sanmillan@@ulexec, Mike Cardwell(grepular), Bob Lord, Pawel Wylecial(REDTEAM)
Affected Software
3 affected componentsFixes available
Apple macOS Sequoia<15.7.3
15.7.3
Apple macOS Tahoe<26
26
Apple macOS<15.7.3
Event History
Sep 15, 2025
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
DescriptionWeakness
Dec 12, 2025
Updated
via Apple·12:00 AM
DescriptionWeaknessAffected Software
CVE Published
via MITRE·08:56 PM
Data Sourced
via MITRE·08:56 PM
DescriptionWeakness
Data Sourced
via NVD·09:15 PM
DescriptionSeverityWeaknessAffected Software
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2025-43539
- CVE-2025-43320
- CVE-2025-43522
- CVE-2025-43521
- CVE-2025-43519
- CVE-2025-43523
- CVE-2025-46289
- CVE-2025-43482
- CVE-2025-43517
- CVE-2025-46287
- CVE-2024-7264
- CVE-2025-9086
- CVE-2025-43542
- CVE-2025-43518
- CVE-2025-43532
- CVE-2025-43512
- CVE-2025-46285
- CVE-2025-5918
- CVE-2025-43513
- CVE-2025-46276
- CVE-2025-43509
- CVE-2025-43527
- CVE-2025-43463
- CVE-2025-43416
- CVE-2025-43516
- CVE-2025-43530
- CVE-2025-43288
- CVE-2025-43208
- CVE-2025-43312
- CVE-2025-43321
- CVE-2025-43344
- CVE-2025-31268
- CVE-2025-43331
- CVE-2025-43317
- CVE-2025-43340
- CVE-2025-43337
- CVE-2025-43285
- CVE-2025-43330
- CVE-2025-43346
- CVE-2025-43361
- CVE-2025-43451
- CVE-2025-43307
- CVE-2025-43354
- CVE-2025-43303
- CVE-2025-43357
- CVE-2025-43323
- CVE-2025-43403
- CVE-2025-43349
- CVE-2025-43292
- CVE-2025-43372
- CVE-2025-24088
- CVE-2025-43305
- CVE-2025-43290
- CVE-2025-43289
- CVE-2025-46284
- CVE-2025-43316
- CVE-2025-31271
- CVE-2025-31270
- CVE-2025-43326
- CVE-2025-43283
- CVE-2025-46280
- CVE-2025-43325
- CVE-2025-43287
- CVE-2025-43338
- CVE-2025-43302
- CVE-2025-31255
- CVE-2025-43366
- CVE-2025-43359
- CVE-2025-43345
- CVE-2025-43299
- CVE-2025-43295
- CVE-2025-43353
- CVE-2025-43294
- CVE-2025-43319
- CVE-2025-43315
- CVE-2025-43355
- CVE-2025-43207
- CVE-2025-43279
- CVE-2025-43301
- CVE-2025-43298
- CVE-2025-46310
- CVE-2025-40909
- CVE-2025-43297
- CVE-2025-31269
- CVE-2025-43204
- CVE-2024-27280
- CVE-2025-46306
- CVE-2025-43327
- CVE-2025-43329
- CVE-2025-43328
- CVE-2025-43318
- CVE-2025-46307
- CVE-2025-31259
- CVE-2025-43332
- CVE-2025-43293
- CVE-2025-43291
- CVE-2025-43286
- CVE-2025-43369
- CVE-2025-43358
- CVE-2025-43367
- CVE-2025-43190
- CVE-2025-43333
- CVE-2025-24197
- CVE-2025-6965
- CVE-2025-43341
- CVE-2025-43314
- CVE-2025-43304
- CVE-2025-43306
- CVE-2025-43347
- CVE-2025-43296
- CVE-2025-43311
- CVE-2025-43308
- CVE-2025-43262
- CVE-2025-43356
- CVE-2025-43272
- CVE-2025-43343
- CVE-2025-43342
- CVE-2025-43419
- CVE-2025-43376
- CVE-2025-43368
- CVE-2025-43310
Frequently Asked Questions
1
What is the severity of CVE-2025-43320?
CVE-2025-43320 is considered a significant security vulnerability that could allow apps to bypass launch constraint protections.
2
How do I fix CVE-2025-43320?
To fix CVE-2025-43320, update your system to macOS Sequoia 15.7.3 or macOS Tahoe 26.
3
What systems are affected by CVE-2025-43320?
CVE-2025-43320 affects Apple macOS Sequoia versions prior to 15.7.3 and macOS Tahoe versions prior to 26.
4
What type of vulnerability is CVE-2025-43320?
CVE-2025-43320 is a vulnerability related to improper bounds checking and logic flaws in AppleJPEG and AppleMobileFileIntegrity.
5
Can CVE-2025-43320 be exploited remotely?
CVE-2025-43320 may allow local applications to exploit the vulnerability, but specific remote exploitation details are not disclosed.