Csaba Fitzl

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 **Description** An authorization issue involving state management may allow an application to gain root privileges, which are the highest level of administrative access on a system. **Recommendations** Update iOS to version 18.7.9 or 26.5. Update iPadOS to version 18.7.9 or 26.5. Update macOS Sequoia to version 15.7.7. Update macOS Sonoma to version 14.8.7. Update macOS Tahoe to version 26.5.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 26.3 iPadOS versions prior to 26.3 macOS Tahoe versions prior to 26.3 macOS Sonoma versions prior to 14.8.4 visionOS versions prior to 26.3 **Description** A flaw exists in path handling due to insufficient validation. This could allow an application to obtain root privileges. **Recommendations** Update iOS to version 26.3 or later. Update iPadOS to version 26.3 or later. Update macOS Tahoe to version 26.3 or later. Update macOS Sonoma to version 14.8.4 or later. Update visionOS to version 26.3 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26.3 macOS Sonoma versions prior to 14.8.4 watchOS versions prior to 26.3 tvOS versions prior to 26.3 visionOS versions prior to 26.3 iOS versions prior to 26.3 iPadOS versions prior to 26.3 **Description** A race condition existed due to improper state handling. This could allow a malicious application to gain root privileges. **Recommendations** Update macOS to version Tahoe 26.3 or later. Update macOS Sonoma to version 14.8.4 or later. Update watchOS to version 26.3 or later. Update tvOS to version 26.3 or later. Update visionOS to version 26.3 or later. Update iOS to version 26.3 or later. Update iPadOS to version 26.3 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8.2 macOS versions prior to Sequoia 15.7.2 **Description** An application may be capable of accessing user data that should be protected. The issue involves improper handling of symlinks. **Recommendations** Update to macOS Sonoma version 14.8.2 or later. Update to macOS Sequoia version 15.7.2 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8.2 macOS versions prior to Sequoia 15.7.2 **Description** An application may be able to access protected user data due to improved handling of symlinks. **Recommendations** Update to macOS Sonoma version 14.8.2 or later. Update to macOS Sequoia version 15.7.2 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8.2 macOS versions prior to Sequoia 15.7.2 **Description** A permissions issue existed that could allow an app to cause a denial-of-service. The issue was resolved by removing the vulnerable code. **Recommendations** Update to macOS Sonoma version 14.8.2 or later. Update to macOS Sequoia version 15.7.2 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8.2 macOS versions prior to Sequoia 15.7.2 **Description** An application may be capable of accessing user-sensitive data. **Recommendations** Update to macOS Sonoma version 14.8.2 or later. Update to macOS Sequoia version 15.7.2 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26 visionOS versions prior to 26 **Description** A permissions issue existed that allowed a malicious application to potentially gain root privileges due to insufficient restrictions. **Recommendations** Update macOS to version Tahoe 26. Update visionOS to version 26.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26 **Description** A permissions issue allowed an app to access sensitive user data. This issue was addressed with additional restrictions. **Recommendations** Update to macOS Tahoe 26 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26 **Description** A permissions issue allowed an app to read sensitive location information. This issue was addressed with additional restrictions. **Recommendations** Update to macOS Tahoe 26.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sequoia 15.7 macOS versions prior to Tahoe 26 **Description** A race condition existed due to improper state handling, potentially allowing an application to access sensitive user data. **Recommendations** Update to macOS Sequoia 15.7. Update to macOS Tahoe 26.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26 **Description** An access issue was addressed with additional sandbox restrictions. An app may be able to access sensitive user data. **Recommendations** Update to macOS Tahoe 26.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 26 iPadOS versions prior to 26 macOS versions prior to Tahoe 26 tvOS versions prior to 26 watchOS versions prior to 26 visionOS versions prior to 26 **Description** A logging issue allowed an application to potentially access sensitive user data. The issue was addressed with improved data redaction. **Recommendations** Update to iOS version 26 or later. Update to iPadOS version 26 or later. Update to macOS version Tahoe 26 or later. Update to tvOS version 26 or later. Update to watchOS version 26 or later. Update to visionOS version 26 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8 macOS versions prior to Sequoia 15.7 macOS Tahoe versions prior to 26 **Description** A permissions issue existed where an application could potentially access protected user data. This was addressed by implementing additional restrictions. **Recommendations** Update to macOS Sonoma version 14.8 or later. Update to macOS Sequoia version 15.7 or later. Update to macOS Tahoe version 26 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26 **Description** An application may be able to override Mobile Device Management (MDM)-enforced settings from profiles. The issue was addressed by adding additional logic. **Recommendations** Update to macOS Tahoe 26 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 26 iPadOS versions prior to 26 macOS versions prior to Tahoe 26 tvOS versions prior to 26 watchOS versions prior to 26 visionOS versions prior to 26 **Description** A logging issue allowed an application to potentially access sensitive user data. The issue was addressed with improved data redaction. **Recommendations** Update iOS to version 26. Update iPadOS to version 26. Update macOS to version Tahoe 26. Update tvOS to version 26. Update watchOS to version 26. Update visionOS to version 26.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 26 iPadOS versions prior to 26 tvOS versions prior to 26 watchOS versions prior to 26 macOS Sonoma versions prior to 14.8 macOS Sequoia versions prior to 15.7 **Description** An authorization issue exists due to errors in the authorization procedure and improper state management. Exploitation may allow a remote attacker to gain unauthorized access to sensitive user data. An application may be able to access sensitive user data. **Recommendations** Update iOS to version 26 or later. Update iPadOS to version 26 or later. Update tvOS to version 26 or later. Update watchOS to version 26 or later. Update macOS Sonoma to version 14.8 or later. Update macOS Sequoia to version 15.7 or later.

**Name of the Vulnerable Software and Affected Versions** macOS Sonoma versions prior to 14.7.7 macOS Ventura versions prior to 13.7.7 macOS Sequoia versions prior to 15.6 **Description** A permissions issue was addressed with additional restrictions. An app may be able to bypass certain Privacy preferences. **Recommendations** Update macOS to version 14.7.7 or later. Update macOS to version 13.7.7 or later. Update macOS to version 15.6 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 **Description** A race condition existed that was addressed with additional validation. This issue could allow an application to break out of its sandbox. **Recommendations** Update to macOS version 15.6 or later. Update to macOS version 14.7.7 or later. Update to macOS version 13.7.7 or later.

**Name of the Vulnerable Software and Affected Versions** macOS Sequoia versions prior to 15.5 **Description** A file quarantine bypass issue was addressed with additional checks, which may have allowed an app to break out of its sandbox. **Recommendations** For versions prior to 15.5, update to macOS Sequoia 15.5 to resolve the issue.