CVE-2025-43522

Severity: LOW
Published: 2025-12-12
Source: [email protected]
Score: 3.3 (CVSS 3.1)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None

Lifecycle Timeline

Analysis Generated: Apr 02, 2026 - 19:37 (vuln.today)
CVE Published: Dec 12, 2025 - 21:15 (nvd)

Description

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data.

Analysis

Intel-based Mac computers running macOS Sequoia prior to 15.7.3 or macOS Tahoe prior to 26.2 are vulnerable to a cryptographic downgrade attack that allows a local application with low privileges to bypass code-signing restrictions and access user-sensitive data. The root cause is inadequate validation of signed components, so that a signed-data attack (the 'JWT Attack' class this page tags it with, or a similar one) leads to information disclosure. Active exploitation has not been confirmed, and the extremely low EPSS score (0.01%) indicates minimal real-world exploitation risk despite the low-complexity local attack vector.

Technical Context

The vulnerability involves improper validation of code signatures on Intel-based macOS systems, specifically in the cryptographic signature verification mechanisms (CWE-347: Improper Verification of Cryptographic Signature). It enables a downgrade attack in which an application bypasses or weakens the code-signing protections that normally enforce code integrity. The 'JWT Attack' tag suggests the weakness may lie in how signed tokens or certificates are validated: an attacker might present an older or weaker signature format that the validation logic still accepts. The vulnerability is specific to Intel processors running macOS (cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*) and affects the operating system's core code-signing enforcement mechanisms.

Affected Products

The vulnerability affects all Intel-based Mac computers running macOS Sequoia versions prior to 15.7.3 and macOS Tahoe versions prior to 26.2. The affected product is listed as Apple macOS across all versions (cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*); the fix ships in macOS Sequoia 15.7.3 and macOS Tahoe 26.2. Additional details and confirmation of affected system configurations are available in Apple's security advisories at https://support.apple.com/en-us/125886 and https://support.apple.com/en-us/125887.

Remediation

Vendor-released patch: update to macOS Sequoia 15.7.3 or macOS Tahoe 26.2 or later. Users of Intel-based Mac computers should apply the security update for their operating system version immediately. Apple addressed the issue by adding code-signing restrictions that prevent the downgrade. Detailed patching instructions and compatibility information are available at https://support.apple.com/en-us/125886. Users unable to patch immediately should minimize the installation and execution of untrusted applications from non-official sources, since exploitation requires local code execution with low privileges.
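To turn the version thresholds above into a fleet-inventory check, the following POSIX shell script is an added example (not code from vuln.today or Apple). It compares a dotted macOS version against the fixed build for its major line (Sequoia 15.7.3, Tahoe 26.2) and, when run on a Mac, reads the version from `sw_vers` and the architecture from `uname -m`. The function names, the return-code convention and the sample versions in the comments are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from vuln.today or Apple): decide whether a macOS version
# is below the build that fixes CVE-2025-43522 (Sequoia 15.7.3 / Tahoe 26.2).
# Assumes plain numeric dotted versions as printed by `sw_vers -productVersion`.

# vercmp A B: compare two dotted versions field by field, treating missing
# trailing fields as 0. Prints -1, 0 or 1 for A < B, A == B, A > B.
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        case "$a" in *.*) x=${a%%.*}; a=${a#*.} ;; *) x=$a; a= ;; esac
        case "$b" in *.*) y=${b%%.*}; b=${b#*.} ;; *) y=$b; b= ;; esac
        x=${x:-0}; y=${y:-0}
        [ "$x" -lt "$y" ] && { printf '%s\n' -1; return 0; }
        [ "$x" -gt "$y" ] && { printf '%s\n' 1; return 0; }
    done
    printf '%s\n' 0
}

# cve_2025_43522_affected VERSION
# Exit status 0: version is below the fixed build of its major line (affected).
# Exit status 1: version is at or above the fixed build.
# Exit status 2: major line not covered by the advisory (no statement made).
cve_2025_43522_affected() {
    v="$1"
    case "$v" in
        15|15.*) fixed=15.7.3 ;;   # macOS Sequoia
        26|26.*) fixed=26.2 ;;     # macOS Tahoe
        *) return 2 ;;
    esac
    [ "$(vercmp "$v" "$fixed")" -lt 0 ]
}

# When run on a Mac, report the local state. Only Intel machines are in scope
# for this CVE; `uname -m` prints x86_64 on Intel. Caveat: a shell running under
# Rosetta on Apple Silicon also prints x86_64, so treat the hint accordingly.
if [ "$(uname -s)" = Darwin ]; then
    ver=$(sw_vers -productVersion)
    arch=$(uname -m)
    rc=0
    cve_2025_43522_affected "$ver" || rc=$?
    case "$rc" in
        0) echo "macOS $ver ($arch): below the fixed build for CVE-2025-43522" ;;
        1) echo "macOS $ver ($arch): at or above the fixed build" ;;
        *) echo "macOS $ver ($arch): major line not covered by the advisory" ;;
    esac
fi
```

Because the comparison logic is separate from the host probe, the same functions can be fed versions collected by an MDM or inventory export and run on any POSIX system.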

Priority Score

17 (KEV: 0, EPSS: +0.0, CVSS: +16, POC: 0)
