Apple Family November 2025 1st Security Update Advisory

Nov 05 2025

Overview

Apple(https://apple.com) has released a security update that fixes vulnerabilities in products it has been made. Affected Xerox users are advised to update to the latest version.

Affected Products

IPad Pro 12.9-inch 3rd generation and newer

IPad Pro 11-inch 1st generation and later

IPad Air 3rd generation and later

IPad 8th generation and later

IPad mini 5th generation and later

IPhone 11 and later

MacOS Tahoe

MacOS Sequoia

MacOS Sonoma

Apple TV 4K (2nd generation and later)

Apple TV HD

Apple TV 4K (all models)

Apple Watch Series 6 and later

Apple Watch Series 9 and later

Apple Watch SE 2nd generation

Apple Watch Ultra (all models)

Apple Vision Pro (all models)

MacOS Sequoia 15.6 and later

Resolved Vulnerabilities

The following vulnerabilities were patched in the November 3, 2025 product-specific update.

IOS 26.1 and iPadOS 26.1

Vulnerability in the Accessibility feature that could allow an app to identify other apps installed by the user (CVE-2025-43442)

Vulnerability in the Apple Account feature that could allow a malicious app to take screenshots of sensitive information in embedded views (CVE-2025-43455)

Vulnerabilities in the Apple Neural Engine feature that could cause a system shutdown and kernel memory crash (CVE-2025-43447, CVE-2025-43462)

Vulnerability in Apple TV Remote feature that could allow a malicious app to track a user between installs (CVE-2025-43449)

Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to access protected user data (CVE-2025-43379)

Vulnerability in the Assets feature that could allow an app to escape the sandbox (CVE-2025-43407)

Vulnerability in the Audio feature that could allow an attacker with physical access to a device paired with an unlocked Mac to view sensitive user information in system logging (CVE-2025-43423)

Vulnerability in the Camera feature that could allow an app to learn information about the current camera view before being granted camera access (CVE-2025-43450)

Vulnerability in the CloudKit feature that could allow an app to escape the sandbox (CVE-2025-43448)

Vulnerability in the Contacts feature that could allow an app to access sensitive user data (CVE-2025-43426)

Vulnerability in the Control Center feature that could allow access to restricted content on the lock screen (CVE-2025-43350)

Vulnerability in the CoreServices feature that could allow an app to enumerate a user’s installed apps (CVE-2025-43436)

Vulnerability in the CoreText function that could allow an app to unexpectedly terminate or corrupt process memory when handling a maliciously crafted media file (CVE-2025-43445)

Vulnerability in the FileProvider function that could allow an app to access sensitive user data (CVE-2025-43498)

Vulnerability in the Find My feature that could allow an app to collect a user’s fingerprint (CVE-2025-43507)

Vulnerability in the Installer feature that could allow an app to collect a user’s fingerprint (CVE-2025-43444)

Vulnerability in the Kernel function that could allow an app to cause an unexpected system shutdown (CVE-2025-43398)

Vulnerability in the libxpc function that could allow a sandbox app to observe system-wide network connections (CVE-2025-43413)

Vulnerability in the Mail Drafts feature that could allow remote content to be loaded even if the ‘Load remote images’ setting is turned off (CVE-2025-43496)

Vulnerability in the MallocStackLogging feature that could allow an app to access sensitive user data (CVE-2025-43294)

Vulnerability in the Model I/O function that could allow maliciously crafted media files to cause the app to terminate unexpectedly or corrupt process memory (CVE-2025-43386, CVE-2025-43385, CVE-2025-43384, CVE-2025-43383)

Vulnerability in the Multi-Touch feature that could allow a malicious hidden device to cause an unexpected process crash (CVE-2025-43424)

Vulnerability in the Notes feature that could allow an app to access sensitive user data (CVE-2025-43389)

Vulnerability in the On-device Intelligence feature that could allow an app to collect a user’s fingerprint (CVE-2025-43439)

Vulnerability in Photos feature that could allow an app to access sensitive user data (CVE-2025-43391)

Vulnerability in the Safari feature that could allow address bar spoofing when visiting a malicious website (CVE-2025-43493)

Vulnerability in Safari functionality that could allow user interface spoofing when visiting a malicious website (CVE-2025-43503)

Vulnerability in the Safari feature that could allow apps to bypass certain privacy preferences (CVE-2025-43502)

Vulnerability in the Sandbox Profiles feature that could allow an app to access sensitive user data (CVE-2025-43500)

Vulnerability in the Siri feature that could allow devices to persistently fail to lock (CVE-2025-43454)

Vulnerability in the Status Bar feature that could allow an attacker with physical access to a locked device to view sensitive user information (CVE-2025-43460)

Vulnerability in the Stolen Device Protection feature that could allow an attacker with physical access to the device to disable stolen device protection (CVE-2025-43422)

Vulnerability in the Text Input feature that could allow keyboard suggestions to display sensitive information on the lock screen (CVE-2025-43452)

Vulnerability in WebKit functionality that could allow a malicious website to leak cross-origin data (CVE-2025-43480)

Vulnerabilities in WebKit functions that could cause unexpected process crashes when handling maliciously crafted web content (CVE-2025-43458, CVE-2025-43430, CVE-2025-43427, CVE-2025-43443, CVE-2025-43441, CVE-2025-43435, CVE-2025-43425, CVE-2025-43440, CVE-2025-43432, CVE-2025-43429, CVE-2025-43421)

Vulnerability in WebKit functions that could cause an unexpected Safari crash when handling maliciously crafted web content (CVE-2025-43438, CVE-2025-43457, CVE-2025-43434)

Vulnerability in WebKit functionality that could allow an app to monitor keystrokes without user permission (CVE-2025-43495)

Vulnerability in WebKit functionality that could cause memory corruption when handling maliciously crafted web content (CVE-2025-43433, CVE-2025-43431)

Vulnerability in the WebKit Canvas feature that could allow websites to leak cross-origin image data (CVE-2025-43392)

MacOS Tahoe 26.1

Vulnerability in Admin Framework functionality that could allow apps to access sensitive user data (CVE-2025-43471)

Vulnerability in Admin Framework features that could allow apps to access sensitive user data (CVE-2025-43322)

Vulnerability in the Apple Account feature that could allow malicious apps to take screenshots of sensitive information in embedded views (CVE-2025-43455)

Vulnerabilities in the Apple Neural Engine feature that could cause a system shutdown and kernel memory crash (CVE-2025-43447, CVE-2025-43462)

Vulnerability in the AppleMobileFileIntegrity feature that could allow apps to access users’ sensitive data (CVE-2025-43390)

Vulnerability in the AppleMobileFileIntegrity feature that allows apps to access sensitive user data (CVE-2025-43388, CVE-2025-43466, CVE-2025-43382, CVE-2025-43468, CVE-2025-43378)

Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to access protected user data (CVE-2025-43379)

Vulnerability in the ASP TCP feature that could allow an app to cause an unexpected system shutdown (CVE-2025-43478)

Vulnerability in the Assets feature that could allow an app to escape the sandbox (CVE-2025-43407)

Vulnerability in the Assets feature that could allow an app to modify a protected part of the file system (CVE-2025-43446)

Vulnerability in the ATS feature that could allow an app to access sensitive user data (CVE-2025-43465)

Vulnerability in the Audio feature that could allow an attacker with physical access to a device paired with an unlocked Mac to view sensitive user information in system logging (CVE-2025-43423)

Vulnerability in the BackBoardServices feature that could allow an app to escape the sandbox (CVE-2025-43497)

Vulnerability in the bootp feature that could allow an app to access protected user data (CVE-2025-43394)

Vulnerability in the CloudKit function that could allow an app to escape the sandbox (CVE-2025-43448)

Vulnerability in the configd function that could allow an app to access protected user data (CVE-2025-43395, CVE-2025-43461)

Vulnerability in the Contacts function that could allow an app to access sensitive user data (CVE-2025-43426)

Vulnerability in the CoreAnimation feature that could allow remote attackers to cause a denial of service (CVE-2025-43401)

Vulnerability in the CoreServices function that could allow an app to access sensitive user data (CVE-2025-43479)

Vulnerability in CoreServices functionality that could allow an app to enumerate a user’s installed apps (CVE-2025-43436)

Vulnerability in the CoreServicesUIAgent function that could allow a malicious app to delete protected user data (CVE-2025-43381)

Vulnerability in the CoreText function that could allow maliciously crafted media files to cause an app to terminate unexpectedly or corrupt process memory (CVE-2025-43445)

Vulnerability in the Disk Images feature that could allow an app to escape the sandbox (CVE-2025-43481)

Vulnerability in DiskArbitration feature that could allow a malicious app to gain root privileges (CVE-2025-43387)

Vulnerability in the Dock feature that could allow an app to access sensitive user data (CVE-2025-43420)

Vulnerability in the dyld function that could result in an app denial of service when visiting a website (CVE-2025-43464)

Vulnerability in the FileProvider feature that could allow an app to access sensitive user data (CVE-2025-43498)

Vulnerability in the Find My feature that could allow an app to collect a user’s fingerprint (CVE-2025-43507)

Vulnerability in the Finder feature that could allow Gatekeeper checks to be bypassed (CVE-2025-43348)

Kernel memory accessibility vulnerability in the GPU Drivers feature (CVE-2025-43474)

Vulnerability in the Installer feature that could allow sandboxed apps to access sensitive user data (CVE-2025-43396)

Vulnerability in the Installer function that could allow an app to collect a user’s fingerprint (CVE-2025-43444)

Vulnerability in the Installer function that could allow an app to gain root privileges (CVE-2025-43467)

Vulnerability in the Kernel function that could allow an app to cause an unexpected system shutdown (CVE-2025-43398)

Vulnerability in the libxpc function that could allow a sandbox app to observe system-wide network connections (CVE-2025-43413)

Vulnerability in the Mail Drafts feature that could allow remote content to be loaded even if the ‘Load remote images’ setting is turned off (CVE-2025-43496)

Vulnerability in the Model I/O function that could cause the app to terminate unexpectedly or corrupt process memory when handling maliciously crafted media files (CVE-2025-43386, CVE-2025-43385, CVE-2025-43384, CVE-2025-43383)

Vulnerability in the Model I/O feature that could allow an app to cause a denial of service (CVE-2025-43377)

Vulnerability in the Multi-Touch feature that could allow a malicious hidden device to cause an unexpected process crash (CVE-2025-43424)

Vulnerability in the NetFSFramework feature that could allow an app to escape the sandbox (CVE-2025-43364)

Vulnerability in the Networking feature that could prevent iCloud Private Relay from being enabled if multiple users are signed in at the same time (CVE-2025-43506)

Vulnerability in the Notes feature that could allow an app to access sensitive user data (CVE-2025-43389)

Vulnerability in the NSSpellChecker feature that could allow an app to access sensitive user data (CVE-2025-43469)

Vulnerability in PackageKit functionality that could allow an app to access sensitive user data (CVE-2025-43411)

Vulnerability in the Photos feature that could allow an app to access sensitive user data (CVE-2025-43405)

Vulnerability in the Photos feature that could allow an app to access sensitive user data (CVE-2025-43391)

Vulnerability in the quarantine feature that could allow an app to escape the sandbox (CVE-2025-43393)

Vulnerabilities in the Ruby feature related to certain module functionality (CVE-2024-43398, CVE-2024-49761, CVE-2025-6442)

Vulnerability in Safari functionality that could allow address bar spoofing when visiting a malicious website (CVE-2025-43493)

Vulnerability in Safari functionality that could allow user interface spoofing when visiting a malicious website (CVE-2025-43503)

Vulnerability in the Safari feature that could allow apps to bypass certain privacy preferences (CVE-2025-43502)

Vulnerabilities in the Sandbox feature that could allow apps to access sensitive user data (CVE-2025-43406, CVE-2025-43404)

Vulnerability in the Sandbox Profiles feature that could allow an app to access sensitive user data (CVE-2025-43500)

Vulnerability in the Security feature that could allow an app to access sensitive user data (CVE-2025-43335)

Vulnerability in the Share Sheet feature that could allow an attacker with physical access to access contacts on the lock screen (CVE-2025-43408)

Vulnerability in the SharedFileList feature that could allow an app to escape the sandbox (CVE-2025-43476)

Vulnerabilities in the Shortcuts feature that could allow shortcuts to access files not normally accessible by the shortcut app (CVE-2025-30465, CVE-2025-43414)

Vulnerabilities in the Shortcuts feature that could allow apps to access sensitive user data (CVE-2025-43473, CVE-2025-43499)

Vulnerability in the sips feature that could cause the app to terminate unexpectedly due to file parsing (CVE-2025-43380)

Vulnerability in the Siri feature that could allow an app to access sensitive user data (CVE-2025-43477)

Vulnerability in the Siri feature that could allow an app to access protected user data (CVE-2025-43399)

Vulnerability in the SoftwareUpdate feature that could allow an app with root privileges to access personal information (CVE-2025-43336)

Vulnerability in the SoftwareUpdate feature that could allow an app to cause a denial of service (CVE-2025-43397)

Vulnerability in the Spotlight feature that could allow an app to access sensitive user data (CVE-2025-43409)

Vulnerability in the StorageKit feature that could allow an app to access protected user data (CVE-2025-43351)

Vulnerability in StorageKit functionality that could allow an app to access sensitive user data (CVE-2025-43463)

Vulnerability in the sudo function that could allow an attacker with host-restricted sudo access to escalate privileges in certain configurations (CVE-2025-32462)

Vulnerability in the sudo function that could allow an app to access user sensitive data (CVE-2025-43334)

Vulnerability in the TCC function that could allow an app to escape the sandbox (CVE-2025-43412)

Vulnerabilities in the Vim feature resolved through improved validation of path handling issues (CVE-2025-53906)

Vulnerability in WebKit functionality that could allow malicious websites to exfiltrate cross-origin data (CVE-2025-43480)

Vulnerability in WebKit functions that could cause an unexpected Safari crash when handling maliciously crafted web content (CVE-2025-43438, CVE-2025-43457, CVE-2025-43434)

Vulnerabilities in WebKit functions that could cause memory corruption when handling maliciously crafted web content (CVE-2025-43433, CVE-2025-43431)

Vulnerability in the WebKit Canvas feature that could allow websites to leak cross-origin image data (CVE-2025-43392)

Vulnerability in the Wi-Fi feature that could cause a system shutdown and kernel memory crash (CVE-2025-43373)

Vulnerability in the WindowServer function that could allow an app to cause an unexpected system shutdown or process memory corruption (CVE-2025-43402)

Vulnerability in the zsh function that could allow an app to gain root privileges (CVE-2025-43472)

MacOS Sequoia 15.7.2

Vulnerability in Admin Framework functionality that could allow an app to access user sensitive data (CVE-2025-43322)

Vulnerabilities in the AppleMobileFileIntegrity feature that could allow apps to access sensitive user data (CVE-2025-43337, CVE-2025-43468, CVE-2025-43469, CVE-2025-43378)

Vulnerability in AppleMobileFileIntegrity feature that allows apps to access sensitive user data (CVE-2025-43390)

Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to access protected user data (CVE-2025-43379)

Vulnerability in the ASP TCP feature that could allow an app to cause an unexpected system shutdown (CVE-2025-43478)

Vulnerability in the Assets feature that could allow an app to escape the sandbox (CVE-2025-43407)

Vulnerability in the Assets function that could allow an app to modify a protected part of the file system (CVE-2025-43446)

Kernel memory access vulnerability in the Audio function (CVE-2025-43361)

Vulnerability in the Audio feature that could allow an attacker with physical access to a device paired with an unlocked Mac to view sensitive user information in system logging (CVE-2025-43423)

Vulnerability in the bash function that could allow an app to gain root privileges (CVE-2025-43472)

Vulnerability in the bootp function that could allow an app to access protected user data (CVE-2025-43394)

Vulnerability in the CloudKit function that could allow an app to escape the sandbox (CVE-2025-43448)

Vulnerability in the configd function that could allow an app to access protected user data (CVE-2025-43395)

Vulnerability in the CoreAnimation function that could allow remote attackers to cause a denial of service (CVE-2025-43401)

Vulnerability in the CoreMedia feature that could allow an app to access sensitive user data (CVE-2025-43292)

Vulnerability in the CoreServices function that could allow an app to access sensitive user data (CVE-2025-43479, CVE-2025-43382)

Vulnerability in the CoreText feature that could allow apps to unexpectedly terminate or corrupt process memory when handling maliciously crafted media files (CVE-2025-43445)

Vulnerability in the Disk Images feature that could allow an app to escape the sandbox (CVE-2025-43481)

Vulnerability in DiskArbitration feature that could allow a malicious app to gain root privileges (CVE-2025-43387)

Vulnerability in the Dock function that could allow an app to access sensitive user data (CVE-2025-43420)

Vulnerability in the FileProvider function that could allow an app to access sensitive user data (CVE-2025-43498)

Vulnerability in the Finder function that could allow Gatekeeper checks to be bypassed (CVE-2025-43348)

Kernel memory access vulnerability in the GPU Drivers function (CVE-2025-43474)

Vulnerability in the Installer feature that could allow sandboxed apps to access sensitive user data (CVE-2025-43396)

Vulnerability in the Kernel function that could allow an app to cause an unexpected system shutdown (CVE-2025-43398)

Vulnerability in the libxpc function that could allow a sandbox app to observe system-wide network connections (CVE-2025-43413)

Vulnerability in the Mail function that could allow remote content to be loaded even if the ‘Load remote images’ setting is disabled (CVE-2025-43496)

Vulnerability in the Model I/O feature that could allow an app to cause a denial of service (CVE-2025-43377)

Vulnerability in the Notes feature that could allow an app to access sensitive user data (CVE-2025-43389)

Vulnerability in the NSSpellChecker feature that could allow an app to access sensitive user data (CVE-2025-43469)

Vulnerability in PackageKit functionality that could allow an app to access sensitive user data (CVE-2025-43411)

Vulnerability in the Photos feature that could allow an app to access sensitive user data (CVE-2025-43405)

Vulnerability in the Photos feature that could allow an app to access sensitive user data (CVE-2025-43391)

Vulnerability in the Ruby feature related to certain module functionality (CVE-2024-43398, CVE-2024-49761, CVE-2025-6442)

Vulnerability in the Security feature that could allow an app to access users’ sensitive data (CVE-2025-43335)

Vulnerability in Share Sheet functionality that could allow an attacker with physical access to access contacts on the lock screen (CVE-2025-43408)

Vulnerability in the SharedFileList feature that could allow an app to escape the sandbox (CVE-2025-43476)

Vulnerabilities in the Shortcuts feature that could allow shortcuts to access files not normally accessible by the shortcut app (CVE-2025-30465, CVE-2025-43414)

Vulnerability in the Shortcuts feature that could allow apps to access sensitive user data (CVE-2025-43499)

Vulnerability in the sips feature that could allow an app to unexpectedly terminate due to file parsing (CVE-2025-43380)

Vulnerability in the Siri feature that could allow an app to access sensitive user data (CVE-2025-43477)

Vulnerability in the Siri feature that could allow an app to access protected user data (CVE-2025-43399)

Vulnerability in the SoftwareUpdate feature that could allow an app with root privileges to access personal information (CVE-2025-43336)

Vulnerability in the SoftwareUpdate feature that could allow an app to cause a denial of service (CVE-2025-43397)

Vulnerability in the Spotlight feature that could allow an app to access sensitive user data (CVE-2025-43409)

Vulnerability in the sudo function that could allow an app to access sensitive user data (CVE-2025-43334)

Vulnerability in the System Settings feature that could allow Gatekeeper checks to be bypassed (CVE-2025-43348)

Vulnerability in the TCC feature that could allow an app to escape the sandbox (CVE-2025-43412)

Vulnerability in the Wi-Fi feature that could cause a system shutdown and kernel memory crash (CVE-2025-43373)

Vulnerability in zsh functionality that could allow an app to gain root privileges (CVE-2025-43472)

MacOS Sonoma 14.8.2

Vulnerability in Admin Framework functionality that could allow an app to access user sensitive data (CVE-2025-43322)

Vulnerability in the AppleMobileFileIntegrity feature that allows apps to access sensitive user data (CVE-2025-43468, CVE-2025-43469)

Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to access protected user data (CVE-2025-43379)

Vulnerability in the ASP TCP feature that could allow an app to cause an unexpected system shutdown (CVE-2025-43478)

Vulnerability in the Assets feature that could allow an app to escape the sandbox (CVE-2025-43407)

Vulnerability in the Assets function that could allow an app to modify protected parts of the file system (CVE-2025-43446)

Kernel memory access vulnerability in the Audio function (CVE-2025-43361)

Vulnerability in the bash function that could allow an app to gain root privileges (CVE-2025-43472)

Vulnerability in the bootp function that could allow an app to access protected user data (CVE-2025-43394)

Vulnerability in the CloudKit function that could allow an app to escape the sandbox (CVE-2025-43448)

Vulnerability in the configd function that could allow an app to access protected user data (CVE-2025-43395)

Vulnerability in the CoreAnimation function that could allow remote attackers to cause a denial of service (CVE-2025-43401)

Vulnerabilities in the CoreServices function that could allow an app to access sensitive user data (CVE-2025-43479, CVE-2025-43382)

Vulnerability in the CoreText function that could allow apps to unexpectedly terminate or corrupt process memory when handling maliciously crafted media files (CVE-2025-43445)

Vulnerability in the Dock function that could allow an app to access sensitive user data (CVE-2025-43420)

Vulnerability in the FileProvider function that could allow an app to access sensitive user data (CVE-2025-43498)

Vulnerability in the Finder function that could allow Gatekeeper checks to be bypassed (CVE-2025-43348)

Kernel memory access vulnerability in the GPU Drivers function (CVE-2025-43474)

Vulnerability in the ImageIO function that could allow maliciously crafted media files to cause the app to terminate unexpectedly or corrupt process memory (CVE-2025-43372, CVE-2025-43338)

Vulnerability in the Installer feature that allows sandboxed apps to access sensitive user data (CVE-2025-43396)

Vulnerability in the Kernel function that could allow an app to cause an unexpected system shutdown (CVE-2025-43398)

Vulnerability in the libxpc function that could allow a sandbox app to observe system-wide network connections (CVE-2025-43413)

Vulnerability in the Notes function that could allow an app to access sensitive user data (CVE-2025-43389)

Vulnerability in the NSSpellChecker function that could allow an app to access sensitive user data (CVE-2025-43469)