CVE-2025-43241

MEDIUM
2025-07-30 [email protected]
5.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Apr 02, 2026 - 19:37 vuln.today
CVE Published
Jul 30, 2025 - 00:15 nvd
MEDIUM 5.5

Tags

Apple macOS Information Disclosure

Description

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to read files outside of its sandbox.

Analysis

Improper sandbox enforcement in macOS allows local applications to read files outside their designated sandbox boundaries without user authorization. The vulnerability affects macOS Sequoia before 15.6, macOS Sonoma before 14.7.7, and macOS Ventura before 13.7.7. An attacker controlling a sandboxed application can bypass file access restrictions through a permissions validation flaw, enabling confidentiality breaches of user data outside the app's intended scope. No public exploit code or active exploitation has been confirmed; the EPSS score of 0.01% indicates minimal real-world exploitation likelihood despite the medium CVSS rating.

Technical Context

This vulnerability stems from improper implementation of macOS sandbox enforcement mechanisms, classified under CWE-284 (Improper Access Control - Permissions, Privileges, and Other Access Controls). The macOS sandbox (also known as Sandbox.kext) is a mandatory access control system that restricts applications to specific file system locations and inter-process communication channels. The flaw allows a sandboxed process to circumvent these restrictions by exploiting insufficient permission validation during file access operations. The vulnerability requires local code execution (attack vector: local) and user interaction (a user must run or interact with the malicious application), but does not require elevated privileges (PR:N), making it accessible to any local user executing untrusted software.

Affected Products

macOS Sequoia versions prior to 15.6, macOS Sonoma versions prior to 14.7.7, and macOS Ventura versions prior to 13.7.7 are affected. The CPE data indicates the vulnerability affects Apple macOS across multiple major versions. Users should consult Apple's security advisories at https://support.apple.com/en-us/124149 (Sequoia), https://support.apple.com/en-us/124150 (Sonoma), and https://support.apple.com/en-us/124151 (Ventura) for version-specific impact details.

Remediation

Vendor-released patches are available for all affected macOS versions: update to macOS Sequoia 15.6 or later, macOS Sonoma 14.7.7 or later, or macOS Ventura 13.7.7 or later. Users should enable automatic security updates in System Settings under General > Software Update to receive the patch automatically. As an interim measure before patching, users should review installed applications and uninstall any untrusted third-party apps that request broad file system access permissions. Complete advisory details are available at https://support.apple.com/en-us/124149, https://support.apple.com/en-us/124150, and https://support.apple.com/en-us/124151.

Priority Score

28
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +28
POC: 0

Share

CVE-2025-43241 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy