PT-2025-51025 · Apple · Macos Sonoma+2
Kaitao Xie
+1
·
Published
2025-12-12
·
Updated
2026-04-18
·
CVE-2025-46285
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
macOS versions prior to 14.8.3
macOS Sequoia versions prior to 15.7.3
macOS Tahoe version 26.2
iOS versions prior to 18.7.3
iPadOS versions prior to 18.7.3
visionOS version 26.2
tvOS version 26.2
watchOS version 26.2
Description
An integer overflow issue was identified and addressed by implementing 64-bit timestamps. This could allow an application to gain root privileges. The issue affects multiple Apple operating systems. The vulnerability was discovered by Kaitao Xie and Xiaolong Bai of Alibaba Group.
Recommendations
Update macOS to version 14.8.3 or later.
Update macOS Sequoia to version 15.7.3 or later.
Update visionOS to version 26.2.
Update tvOS to version 26.2.
Update watchOS to version 26.2.
Update iOS to version 18.7.3 or later.
Update iPadOS to version 18.7.3 or later.
Fix
LPE
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos
Macos Sequoia
Macos Sonoma