Detections
Analytics

macOS 26.x < 26.1 Multiple Vulnerabilities (125634)

high Nessus Plugin ID 272228

Language:

Synopsis

The remote host is missing a macOS update that fixes multiple vulnerabilities

Description

The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.1. It is, therefore, affected by multiple vulnerabilities:

 - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. (CVE-2025-32462)

 - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability. (CVE-2024-43398)

 - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. (CVE-2024-49761)

 - A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app. (CVE-2025-30465)

 - A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access user-sensitive data. (CVE-2025-43322)

Note that Nessus has not tested for these issues but has instead relied only on the operating system's self-reported version number.

Solution

Upgrade to macOS 26.1 or later.

See Also

https://support.apple.com/en-us/125634

Plugin Details

Severity: High

ID: 272228

File Name: macos_125634.nasl

Version: 1.3

Type: local

Agent: macosx

Published: 11/3/2025

Updated: 11/7/2025

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-32462

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 8.7

Threat Score: 7.7

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2024-49761

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x:26.0, cpe:/o:apple:macos:26.0

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/3/2025

Vulnerability Publication Date: 8/22/2024

Reference Information

CVE: CVE-2024-43398, CVE-2024-49761, CVE-2025-30465, CVE-2025-32462, CVE-2025-43322, CVE-2025-43334, CVE-2025-43335, CVE-2025-43336, CVE-2025-43348, CVE-2025-43351, CVE-2025-43364, CVE-2025-43373, CVE-2025-43377, CVE-2025-43378, CVE-2025-43379, CVE-2025-43380, CVE-2025-43381, CVE-2025-43382, CVE-2025-43383, CVE-2025-43384, CVE-2025-43385, CVE-2025-43386, CVE-2025-43387, CVE-2025-43388, CVE-2025-43389, CVE-2025-43390, CVE-2025-43391, CVE-2025-43392, CVE-2025-43393, CVE-2025-43394, CVE-2025-43395, CVE-2025-43396, CVE-2025-43397, CVE-2025-43398, CVE-2025-43399, CVE-2025-43401, CVE-2025-43402, CVE-2025-43404, CVE-2025-43405, CVE-2025-43406, CVE-2025-43407, CVE-2025-43408, CVE-2025-43409, CVE-2025-43411, CVE-2025-43412, CVE-2025-43413, CVE-2025-43414, CVE-2025-43420, CVE-2025-43421, CVE-2025-43423, CVE-2025-43424, CVE-2025-43425, CVE-2025-43426, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43433, CVE-2025-43434, CVE-2025-43435, CVE-2025-43436, CVE-2025-43438, CVE-2025-43440, CVE-2025-43441, CVE-2025-43443, CVE-2025-43444, CVE-2025-43445, CVE-2025-43446, CVE-2025-43447, CVE-2025-43448, CVE-2025-43455, CVE-2025-43457, CVE-2025-43458, CVE-2025-43461, CVE-2025-43462, CVE-2025-43463, CVE-2025-43464, CVE-2025-43465, CVE-2025-43466, CVE-2025-43467, CVE-2025-43468, CVE-2025-43469, CVE-2025-43471, CVE-2025-43472, CVE-2025-43473, CVE-2025-43474, CVE-2025-43476, CVE-2025-43477, CVE-2025-43478, CVE-2025-43479, CVE-2025-43480, CVE-2025-43481, CVE-2025-43493, CVE-2025-43496, CVE-2025-43497, CVE-2025-43498, CVE-2025-43499, CVE-2025-43500, CVE-2025-43502, CVE-2025-43503, CVE-2025-43506, CVE-2025-43507, CVE-2025-53906, CVE-2025-6442

APPLE-SA: 125634

IAVA: 2025-A-0815