CVE-2025-43243
CRITICALCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.
Analysis
File system permission bypass in macOS allows applications to modify protected system files without proper authorization. Affects macOS Sequoia (prior to 15.6), Sonoma (prior to 14.7.7), and Ventura (prior to 13.7.7). Despite a critical 9.8 CVSS score with network attack vector rating, the vulnerability requires local application execution, making the CVSS vector potentially misleading. EPSS exploitation probability is very low at 0.08% (24th percentile), and no public exploit identified at time of analysis. Tagged for information disclosure, though integrity impact is primary concern given file system modification capability.
Technical Context
This vulnerability stems from CWE-732 (Incorrect Permission Assignment for Critical Resource), specifically affecting macOS permission enforcement mechanisms that protect system-critical file system locations. The affected products span three major macOS versions: Sequoia 15.x, Sonoma 14.x, and Ventura 13.x according to CPE data. The issue involves insufficient restrictions on application-level file system operations, allowing apps to bypass intended protections on directories and files that should be restricted to system processes or privileged operations. Apple's permission model relies on sandboxing, entitlements, and System Integrity Protection (SIP) to prevent unauthorized file system modifications. This vulnerability represents a breakdown in one or more of these defensive layers, potentially allowing malicious or compromised applications to write to protected locations such as system frameworks, LaunchDaemons, or kernel extensions directories.
Affected Products
Apple macOS Sequoia versions prior to 15.6, macOS Sonoma versions prior to 14.7.7, and macOS Ventura versions prior to 13.7.7 are affected according to CPE identifiers cpe:2.3:o:apple:macos for all three version branches. The vulnerability impacts the core operating system permission enforcement subsystem across these three major macOS releases spanning multiple years of Apple desktop and laptop devices. Official vendor advisories are available at Apple Support articles HT124149, HT124150, and HT124151 for the respective macOS versions.
Remediation
Vendor-released patches are available: upgrade to macOS Sequoia 15.6, macOS Sonoma 14.7.7, or macOS Ventura 13.7.7 depending on current major version. Apple addressed the permissions issue through additional restrictions in the file system access control mechanisms. Users should apply updates through System Settings > General > Software Update or via Apple's enterprise deployment tools for managed environments. No workarounds are documented in the vendor advisories. Full remediation details and download links are available in Apple's security advisories at https://support.apple.com/en-us/124149 (Sequoia), https://support.apple.com/en-us/124150 (Sonoma), and https://support.apple.com/en-us/124151 (Ventura). Organizations should prioritize patching for systems where untrusted applications may be installed or where users have local admin rights that could facilitate exploitation.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today