CVE-2025-43244

Severity: Critical
Published: 30 July 2025
Modified: 03 November 2025
KEV Added: not listed
Patch: available
CVSS v3.1 score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.0050 (66.3rd percentile)
Risk priority: 20 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-43244 is a critical-severity race condition (CWE-362) vulnerability in Apple macOS. Its CVSS v3.1 base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks in the top 33.7% of CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are the NIST SP 800-53 controls SI-2 (Flaw Remediation) and CM-11 (User-Installed Software).

Deeper analysis

CVE-2025-43244 is a race condition vulnerability (CWE-362) addressed through improved state handling in macOS. It affects macOS Sequoia versions prior to 15.6, macOS Sonoma prior to 14.7.7, and macOS Ventura prior to 13.7.7. The issue enables an app to cause unexpected system termination and carries a CVSS v3.1 base score of 9.8 (Critical), reflecting network accessibility, low complexity, no privileges or user interaction required, and high impacts on confidentiality, integrity, and availability.

A remote, unauthenticated attacker (AV:N/AC:L/PR:N/UI:N) can exploit this race condition by leveraging a malicious app, leading to high confidentiality (C:H), integrity (I:H), and availability (A:H) impacts with unchanged scope (S:U). The primary effect is unexpected system termination, potentially enabling broader disruption.

Apple advisories confirm the vulnerability was fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, and macOS Ventura 13.7.7 via improved state handling. Mitigation involves applying these updates, with further details in security content releases at https://support.apple.com/en-us/124149, https://support.apple.com/en-us/124150, https://support.apple.com/en-us/124151, and Full Disclosure mailing list entries at http://seclists.org/fulldisclosure/2025/Jul/32 and http://seclists.org/fulldisclosure/2025/Jul/33.

EU & UK References

Vulnerability details

A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.

CWE(s)

CWE-362: Race Condition

Related Threats

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The race condition enables application or system exploitation leading to unexpected termination (denial of service).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-30444 (same product: Apple macOS)
CVE-2025-24265 (same product: Apple macOS)
CVE-2026-28924 (same product: Apple macOS)
CVE-2026-28842 (same product: Apple macOS)
CVE-2024-40849 (same product: Apple macOS)
CVE-2026-28891 (same product: Apple macOS)
CVE-2025-24139 (same product: Apple macOS)
CVE-2026-28817 (same product: Apple macOS)
CVE-2025-43275 (same product: Apple macOS)
CVE-2025-31188 (same product: Apple macOS)

Affected Assets

Apple macOS: ≤ 13.7.7 · 14.0 to 14.7.7 · 15.0 to 15.6

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent): SI-2 directly and comprehensively addresses the CVE by requiring timely remediation of the race condition flaw through application of the vendor patches released for macOS Sequoia 15.6, Sonoma 14.7.7, and Ventura 13.7.7.

CM-11 User-Installed Software (prevent): CM-11 mitigates exploitation by restricting user-installed software, preventing malicious apps from triggering the race condition to cause unexpected system termination.

RA-5 Vulnerability Monitoring and Scanning (detect): RA-5 detects the presence of the unpatched race condition vulnerability on macOS systems through periodic vulnerability scanning.

References