Apple Out-of-Bounds Write Vulnerability in Font Processing

Vulnerability

A vulnerability allowing out-of-bounds write operations has been identified in the FontParser component of various Apple operating systems, including macOS, iOS, iPadOS, and visionOS. This vulnerability arises from insufficient bounds checking when processing certain fonts, which can lead to unexpected application crashes or corruption of process memory. The issue has been addressed in multiple recent updates.

Impact

Exploitation of this vulnerability can cause applications to terminate unexpectedly or result in the corruption of process memory, potentially leading to further exploitation.

Remediation

To address this vulnerability, users should update to the latest versions of macOS Sonoma, macOS Tahoe, or macOS Sequoia, or to iOS 26.0.1, iPadOS 26.0.1, iOS 18.7.1, iPadOS 18.7.1, or visionOS 26.0.1.

Added: Sep 29, 2025, 6:20 PM
Updated: Sep 29, 2025, 7:49 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 3.1
exploitability: 4.4
remediation: 7.7
relevance: 0.6
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.