CVE-2025-43517

LOW
2025-12-12 [email protected]
3.3
CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Apr 02, 2026 - 19:37 vuln.today
CVE Published
Dec 12, 2025 - 21:15 nvd
LOW 3.3

Tags

Apple macOS Information Disclosure

Description

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.

Analysis

macOS logging system fails to redact protected user data from log entries, allowing local authenticated applications to access sensitive information through log files across Sequoia, Sonoma, and Tahoe versions. Apple addressed this privacy issue by improving data redaction mechanisms in patched versions (macOS Sequoia 15.7.3, Sonoma 14.8.3, Tahoe 26.2). No public exploit identified at time of analysis, with EPSS exploitation probability at 0.01% (3rd percentile), indicating minimal real-world risk despite local attack vector.

Technical Context

This vulnerability stems from improper handling of sensitive data in system logging infrastructure, classified under CWE-532 (Insertion of Sensitive Information into Log File). The macOS operating system logs application activities and system events, but failed to consistently redact protected user data such as credentials, personal identifiers, or other confidential information before writing entries to accessible log files. A local authenticated application could enumerate or parse log files to extract this unredacted sensitive information, bypassing intended privacy controls. The issue affects the core logging subsystem across multiple macOS major versions (Sequoia 15.x, Sonoma 14.x, and Tahoe 26.x), indicating a systemic redaction gap rather than a version-specific flaw.

Affected Products

Apple macOS across multiple versions: macOS Sonoma versions prior to 14.8.3, macOS Sequoia versions prior to 15.7.3, and macOS Tahoe versions prior to 26.2. The CPE identifiers indicate all macOS installations during these release cycles are affected until patching. Detailed vulnerability information and patch availability are documented in Apple Security Updates advisory HT115886, with additional guidance in advisories HT115887 and HT115888.

Remediation

Update to patched macOS versions immediately: macOS Sonoma users should upgrade to 14.8.3 or later, macOS Sequoia users to 15.7.3 or later, and macOS Tahoe users to 26.2 or later. Apply these updates through System Settings > General > Software Update to ensure the logging redaction improvements are deployed. No workarounds are available for unpatched systems; the vulnerability requires operating system level remediation. Refer to Apple's official security updates at support.apple.com/en-us/125886, 125887, and 125888 for download links and installation instructions specific to your macOS version.

Priority Score

17
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +16
POC: 0

Share

CVE-2025-43517 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy