Skip to main content

macOS CVE-2025-43339

| EUVDEUVD-2025-210119 MEDIUM
Improper Access Control (CWE-284)
2026-06-11 apple GHSA-v7ph-6xr9-c5p8
5.5
CVSS 3.1 · Vendor: apple
Share

Severity by source

Vendor (apple) PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
5.5 MEDIUM

Local execution of a low-privilege app suffices to trigger the bypass; only confidentiality is impacted since the flaw enables read-only access to user data.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (apple).

CVSS VectorVendor: apple

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Analysis Generated
Jun 11, 2026 - 21:35 vuln.today
CVSS changed
Jun 11, 2026 - 20:22 NVD
5.5 (MEDIUM)
Patch available
Jun 11, 2026 - 20:01 EUVD
CVE Published
Jun 11, 2026 - 18:47 cve.org
MEDIUM 5.5
CVE Published
Jun 11, 2026 - 18:47 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to access sensitive user data.

AnalysisAI

Sandbox restriction bypass in macOS prior to Tahoe 26.1 allows a locally-installed malicious app to access sensitive user data outside its permitted sandbox scope. The flaw stems from improper access control (CWE-284) in the macOS application sandbox, a core security boundary meant to isolate app access to system resources. SSVC assessment confirms no known active exploitation and the attack is not automatable, while CVSS signals high confidentiality impact limited to local execution with low privileges.

Technical ContextAI

The macOS application sandbox enforces mandatory access controls that restrict what files, network resources, and system APIs a given app can reach. CWE-284 (Improper Access Control) indicates the sandbox boundary was insufficiently enforced - allowing a crafted app to circumvent declared entitlements or container restrictions and reach user data it should be blocked from reading. The affected product is identified via CPE as cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*, covering all macOS versions up to but not including 26.1 (Tahoe). The tag 'Authentication Bypass' suggests the flaw may relate to bypassing OS-level identity or entitlement checks that gate access to protected data stores such as contacts, photos, location, or keychain-adjacent paths.

RemediationAI

Vendor-released patch: macOS Tahoe 26.1. Users and administrators should update to macOS 26.1 or later immediately using System Settings > General > Software Update. The Apple security advisory at https://support.apple.com/en-us/125634 confirms the patch. For systems that cannot be updated immediately, compensating controls include restricting installation of untrusted or unvetted apps (enforce App Store-only policy via MDM), auditing existing app entitlements with tools such as codesign or Privacy Preferences Policy Control (PPPC) profiles, and reviewing Full Disk Access grants in System Settings > Privacy & Security to remove unnecessary permissions. Note that MDM-based app restrictions do not eliminate risk if a trusted-but-malicious app is already installed.

Share

CVE-2025-43339 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy