ByteOS Network

NVD Vulnerability Details :

CVE-2025-43396

Modified

Source-product-security@apple.com

Published At-04 Nov, 2025 | 02:15

Updated At-17 Dec, 2025 | 21:15

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. A sandboxed app may be able to access sensitive user data.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Type: Secondary

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CPE Matches

Apple Inc.

>>macos>>Versions from 14.0(inclusive) to 14.8.2(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Apple Inc.

>>macos>>Versions from 15.0(inclusive) to 15.7.2(exclusive)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-284	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-284

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://support.apple.com/en-us/125634	product-security@apple.com	N/A
https://support.apple.com/en-us/125635	product-security@apple.com	Release Notes Vendor Advisory
https://support.apple.com/en-us/125636	product-security@apple.com	Release Notes Vendor Advisory

Hyperlink: https://support.apple.com/en-us/125634

Source: product-security@apple.com

Resource: N/A

Hyperlink: https://support.apple.com/en-us/125635

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://support.apple.com/en-us/125636

Source: product-security@apple.com

Resource:

Release Notes

Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History