CVE-2025-43206

Severity: MEDIUM (CVSS 3.1 base score 4.0)
Published: 2025-07-30, reported by [email protected]

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None

Lifecycle Timeline

Analysis Generated: Apr 02, 2026 - 19:37 (vuln.today)
CVE Published: Jul 30, 2025 - 00:15 (nvd), rated MEDIUM 4.0

Description

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.

Analysis

This is a path traversal vulnerability in macOS that allows a local application to bypass directory path validation and read protected user data without authentication. It affects macOS Ventura, Sonoma, and Sequoia; the flaw stems from improper path parsing that lets an unprivileged app read sensitive files outside the boundaries it is meant to stay within. Apple has released fixes for all affected versions (Ventura 13.7.7, Sonoma 14.7.7, Sequoia 15.6). Exploitation requires local access and the ability to run an app, so real-world risk is low despite the moderate CVSS score.

Technical Context

The vulnerability is a path traversal flaw (CWE-22) in macOS file handling, in the kernel or a system library. The root cause is insufficient validation of directory path components, which likely allows canonicalization bypasses such as embedded dot-dot sequences (..), symbolic links, or case-sensitivity inconsistencies to escape the intended sandbox or access-control boundary. The issue affects the core macOS operating system across multiple versions (the CPE is an Apple macOS wildcard matching the Ventura, Sonoma, and Sequoia families), which suggests the defect sits in a fundamental system library or kernel subsystem responsible for file path resolution. An attacker exploits it by supplying paths that resolve to protected system or user directories once processed by the vulnerable validation routine.
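As an added illustration (not part of the vuln.today analysis or of Apple's fix, whose internals are not public), the following Python contrasts a lexical prefix check with a canonicalizing, inode-based containment check against the bypass classes named above; the sandbox layout, file names and function names are constructed for the example.

```python
import os
import tempfile

def naive_is_within(base: str, candidate: str) -> bool:
    """Flawed lexical check: joins and tests a string prefix. '..' segments
    and symlinks are never resolved, so both slip through."""
    return os.path.join(base, candidate).startswith(base)

def hardened_is_within(base: str, candidate: str) -> bool:
    """Canonicalize, then compare filesystem identity instead of strings.
    realpath() collapses '.'/'..' and follows symlinks; walking up the
    resolved path and comparing (st_dev, st_ino) with the base directory
    also holds on case-insensitive volumes, where the spelling may differ
    but the inode does not."""
    base_st = os.stat(base)
    try:
        cur = os.path.realpath(os.path.join(base, candidate))
        os.stat(cur)  # target must exist; dangling paths are rejected
    except OSError:
        return False
    while True:
        if os.path.samestat(os.stat(cur), base_st):
            return True
        parent = os.path.dirname(cur)
        if parent == cur:  # reached the root without meeting base
            return False
        cur = parent

def build_fixture() -> str:
    """Constructed layout: <tmp>/sandbox (allowed), <tmp>/secret.txt
    (protected) and sandbox/escape -> ../secret.txt (symlink)."""
    root = tempfile.mkdtemp()
    base = os.path.join(root, "sandbox")
    os.mkdir(base)
    with open(os.path.join(base, "ok.txt"), "w") as f:
        f.write("allowed")
    with open(os.path.join(root, "secret.txt"), "w") as f:
        f.write("protected")
    os.symlink(os.path.join("..", "secret.txt"), os.path.join(base, "escape"))
    return base

def evaluate() -> dict:
    """Both checks over an allowed name, a dot-dot escape and a symlink escape."""
    base = build_fixture()
    probes = ["ok.txt", "../secret.txt", "escape"]
    return {p: (naive_is_within(base, p), hardened_is_within(base, p)) for p in probes}

if __name__ == "__main__":
    for probe, (naive, hardened) in evaluate().items():
        print(f"{probe:15} naive={naive} hardened={hardened}")
```

The naive check accepts all three probes; the hardened check accepts only `ok.txt`, and because it compares inodes rather than strings it gives the same verdict whether the volume is case-sensitive or not.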

Affected Products

Apple macOS Ventura versions prior to 13.7.7, macOS Sonoma versions prior to 14.7.7, and macOS Sequoia versions prior to 15.6 are affected. The vulnerability impacts all user installations of these operating systems regardless of hardware model or configuration. Detailed patch advisories are available from Apple support pages referenced in the vulnerability notices.

Remediation

Install the vendor-released patches immediately: macOS Ventura users should update to version 13.7.7 or later, macOS Sonoma users to version 14.7.7 or later, and macOS Sequoia users to version 15.6 or later. These updates are available through System Settings > General > Software Update on affected macOS systems. No workarounds are available for unpatched systems; users should avoid running untrusted third-party applications until patching is complete. Detailed patch and advisory information is available from Apple support articles at https://support.apple.com/en-us/124149, https://support.apple.com/en-us/124150, and https://support.apple.com/en-us/124151.

Priority Score

Score: 20 (scale: Low / Medium / High / Critical)
Components: KEV 0, EPSS +0.0, CVSS +20, POC 0


CVE-2025-43206 vulnerability details – vuln.today
