Configuration Issue in macOS Sequoia and Sonoma by Apple
CVE-2025-43192

9.8CRITICAL

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 30 July 2025

What is CVE-2025-43192?

A configuration issue was identified within macOS Sequoia and Sonoma, related to user enrollment processes. Although additional restrictions have been implemented in versions 15.6 and 14.7.7 to mitigate this risk, there is still a potential for account-driven User Enrollment under certain conditions, especially when Lockdown Mode is enabled. Users and administrators are advised to apply the latest updates to ensure enhanced security.

Affected Version(s)

macOS < 15.6

macOS < 14.7

References

https://support.apple.com/en-us/124149

https://support.apple.com/en-us/124150

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025