Downgrade Issue in macOS Sequoia, Sonoma, and Ventura by Apple
CVE-2025-43245

Currently unrated

Key Information:

Vendor: Apple
Status: macOS
Vendor: CVE Published:; 30 July 2025

What is CVE-2025-43245?

A downgrade vulnerability has been identified in macOS that allows an application to potentially access protected user data due to insufficient code-signing restrictions. This issue has been addressed in newer versions of macOS, specifically Sequoia 15.6, Sonoma 14.7.7, and Ventura 13.7.7. Users are encouraged to upgrade to these versions to mitigate the risk of unauthorized data access.

References

https://support.apple.com/en-us/124149

https://support.apple.com/en-us/124150

https://support.apple.com/en-us/124151

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025