Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Lifecycle Timeline
4DescriptionCVE.org
A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination.
AnalysisAI
Type confusion in macOS memory handling allows local attackers to cause unexpected app termination through crafted user interaction, affecting macOS Sequoia before 15.6, Sonoma before 14.7.7, and Ventura before 13.7.7. With a CVSS score of 3.3 and SSVC exploitation status of 'none', this represents a low-severity local denial-of-service condition requiring user interaction; no public exploit code or active exploitation has been identified.
Technical ContextAI
The vulnerability stems from a type confusion weakness (CWE-843) in macOS memory handling routines. Type confusion occurs when an object is treated as a different data type than its actual type, leading to incorrect memory access patterns and potential memory corruption. The affected component is embedded across multiple macOS versions (Sequoia, Sonoma, Ventura) and impacts the general macOS operating system rather than a discrete application. The fix involved improved memory handling and type safety enforcement, though specific implementation details were not disclosed by Apple.
RemediationAI
Users of affected macOS versions must apply the vendor-released security updates: upgrade macOS Sequoia to 15.6 or later, macOS Sonoma to 14.7.7 or later, or macOS Ventura to 13.7.7 or later. These versions incorporate improved memory handling and type confusion mitigation. No workarounds for the underlying type confusion are available; patch deployment is the primary remediation path. Detailed update instructions are available in Apple's official security bulletins at https://support.apple.com/en-us/124149 (Sequoia), https://support.apple.com/en-us/124150 (Sonoma), and https://support.apple.com/en-us/124151 (Ventura).
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209195
GHSA-whc4-7qg7-64gg