Skip to main content

Apple macOS CVE-2025-43451

| EUVD-2025-209944 MEDIUM
Improper Access Control (CWE-284)
2026-05-26 apple
Authentication Bypass Apple
5.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Analysis Generated
May 27, 2026 - 19:42 vuln.today
CVSS changed
May 27, 2026 - 19:37 NVD
5.5 (MEDIUM)
Patch available
May 26, 2026 - 23:02 EUVD
CVE Published
May 26, 2026 - 21:32 nvd
MEDIUM 5.5
CVE Published
May 26, 2026 - 21:32 nvd
UNKNOWN (no severity yet)

DescriptionNVD

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data.

AnalysisAI

Improper access control in Apple macOS (all versions before Tahoe 26) allows a locally installed application running with standard user privileges to access sensitive user data beyond its authorized scope. The root cause - a faulty permissions enforcement code path - was remediated by removing the vulnerable code entirely in macOS Tahoe 26. No public exploit identified at time of analysis, and the vulnerability has not been added to the CISA KEV catalog.

Technical ContextAI

The vulnerability is classified under CWE-284 (Improper Access Control), indicating that the macOS subsystem responsible for mediating application access to user data failed to correctly enforce permission boundaries. The fix involved code removal rather than a logic correction, suggesting the vulnerable code path was either redundant or an unnecessary exposure. CPE data (cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*) confirms all macOS releases prior to version 26 (Tahoe) are in scope. The ENISA EUVD entry (EUVD-2025-209944) corroborates the affected version range as macOS 0 through pre-26. Tags indicate an authentication bypass dimension, consistent with an app circumventing user-level data access controls enforced by the OS.

RemediationAI

The primary fix is to upgrade to macOS Tahoe 26, in which Apple resolved the issue by removing the vulnerable code. The vendor advisory is available at https://support.apple.com/en-us/125110. For systems that cannot be immediately upgraded, compensating controls should focus on restricting which applications are permitted to run - enforcing application allowlisting via MDM profiles or Gatekeeper policies to prevent untrusted or unvetted apps from executing. Note that restricting app execution introduces usability trade-offs and requires baseline policy management infrastructure. There is no documented workaround that neutralizes the permissions flaw itself without upgrading. Patch availability is confirmed by the vendor advisory; the exact patched version is macOS Tahoe 26.

More from same product – last 7 days

CVE-2026-44739 HIGH
8.7 May 27

SQL injection in Pimcore's CustomReportsBundle (versions ≤ 12.3.5) lets an authenticated user holding the reports_config
CVE-2026-5817 HIGH
8.2 May 22

Arbitrary code execution in Docker Model Runner's vllm-metal inference backend on macOS allows any container on the Dock
CVE-2026-5843 HIGH
8.2 May 22

Arbitrary code execution in Docker Desktop's Model Runner on macOS allows any container on the Docker network to escape

CVE-2025-43306 HIGH
7.8 May 26

Local privilege escalation in Apple macOS allows a malicious app already running with low privileges to elevate to root

CVE-2026-49237 HIGH
7.8 May 28

Local privilege escalation in Canonical Multipass for macOS before 1.16.3 allows a low-privileged local user to obtain r

Share

CVE-2025-43451 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy