Ref# ADV2025_431 | Date: Dec 16th 2025

---

Apple has published a security advisory addressing vulnerabilities in several products on December 12^th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated.

• iOS – versions prior to 26.2
• iPadOS – versions prior to 26.2
• iOS – versions prior to 18.7.3
• iPadOS – versions prior to 18.7.3
• macOS Tahoe – versions prior to 26.2
• macOS Sequoia – versions prior to 15.7.3
• macOS Sonoma – versions prior to 14.8.3
• tvOS – versions prior to 26.2
• watchOS – versions prior to 26.2
• visionOS – versions prior to 26.2
• Safari – versions prior to 26.2

 

Apple is aware that CVE-2025-14174 and CVE-2025-43529 are being exploited.

On December 12, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) included CVE-2025-14174 in its Known Exploited Vulnerabilities (KEV) catalogue, followed by the addition of CVE-2025-43529 on December 15, 2025.

For more information on these updates, you can follow these URLs:

• Apple Security Notices
• Known Exploited Vulnerabilities Catalog | CISA

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary.

 PDF Download: Apple Security Advisory

References

• Apple Security Advisory. (December 15, 2025). Retrieved from Canadian Centre for Cyber Security.
  https://www.cyber.gc.ca/en/alerts-advisories/apple-security-advisory-av25-837

 

• Apple Security Advisory. (n.d.). Retrieved from Apple. https://support.apple.com/en-us/100100