macOS
CVE-2025-43517
LOW
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.
AnalysisAI
macOS logging system fails to redact protected user data from log entries, allowing local authenticated applications to access sensitive information through log files across Sequoia, Sonoma, and Tahoe versions. Apple addressed this privacy issue by improving data redaction mechanisms in patched versions (macOS Sequoia 15.7.3, Sonoma 14.8.3, Tahoe 26.2). No public exploit identified at time of analysis, with EPSS exploitation probability at 0.01% (3rd percentile), indicating minimal real-world risk despite local attack vector.
Technical ContextAI
This vulnerability stems from improper handling of sensitive data in system logging infrastructure, classified under CWE-532 (Insertion of Sensitive Information into Log File). The macOS operating system logs application activities and system events, but failed to consistently redact protected user data such as credentials, personal identifiers, or other confidential information before writing entries to accessible log files. A local authenticated application could enumerate or parse log files to extract this unredacted sensitive information, bypassing intended privacy controls. The issue affects the core logging subsystem across multiple macOS major versions (Sequoia 15.x, Sonoma 14.x, and Tahoe 26.x), indicating a systemic redaction gap rather than a version-specific flaw.
RemediationAI
Update to patched macOS versions immediately: macOS Sonoma users should upgrade to 14.8.3 or later, macOS Sequoia users to 15.7.3 or later, and macOS Tahoe users to 26.2 or later. Apply these updates through System Settings > General > Software Update to ensure the logging redaction improvements are deployed. No workarounds are available for unpatched systems; the vulnerability requires operating system level remediation. Refer to Apple's official security updates at support.apple.com/en-us/125886, 125887, and 125888 for download links and installation instructions specific to your macOS version.
An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote control utility develope
A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability
Apple's kernel across all platforms (iOS, macOS, watchOS, visionOS, tvOS) contains a memory corruption vulnerability (CV
Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot
The issue was addressed with improved checks. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev)
A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.8), this vulnerability is no authent
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environmen
A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no auth
This issue was addressed with improved checks. Rated critical severity (CVSS 10.0), this vulnerability is remotely explo
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data t
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today