CVE-2025-46289

MEDIUM
2025-12-12 [email protected]
5.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Apr 02, 2026 - 19:37 vuln.today
CVE Published
Dec 12, 2025 - 21:15 nvd
MEDIUM 5.5

Tags

Apple macOS Information Disclosure

Description

A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.

Analysis

Improper file handling in macOS allows local applications to access protected user data through a logic flaw in the operating system's file access controls. The vulnerability affects macOS Sequoia, Sonoma, and Tahoe, requiring user interaction to trigger exploitation and resulting in unauthorized disclosure of sensitive information without the ability to modify or disable system access. Apple has released patched versions (macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2), with no public exploit code identified at time of analysis.

Technical Context

The vulnerability stems from a logic issue classified under CWE-285 (Improper Authorization), which typically involves flawed decision-making in access control mechanisms rather than cryptographic failures or implementation defects. In this case, the flaw exists in macOS file handling routines that govern access to protected user data. An application running on the local system can exploit this logic gap to bypass the intended file access restrictions, accessing data that should be confined to authorized processes or specific user contexts. The issue is not a complete authentication bypass but rather an authorization logic error that allows unauthorized file access once an app is running locally.

Affected Products

Apple macOS operating system across three major versions: macOS Sequoia (versions prior to 15.7.3), macOS Sonoma (versions prior to 14.8.3), and macOS Tahoe (versions prior to 26.2). The CPE indicators reflect any version of macOS across all release branches. For exact affected version ranges and product-specific details, refer to Apple security advisories at https://support.apple.com/en-us/125886 (Sequoia), https://support.apple.com/en-us/125887 (Sonoma), and https://support.apple.com/en-us/125888 (Tahoe).

Remediation

Vendor-released patches are available: update to macOS Sequoia 15.7.3 or later, macOS Sonoma 14.8.3 or later, or macOS Tahoe 26.2 or later, depending on the affected system. Users should prioritize applying these updates through System Settings > General > Software Update, ensuring the device is connected to power and a stable network connection during the update process. No workarounds are documented; patching is the definitive remediation. Refer to the official Apple security advisories at https://support.apple.com/en-us/125886, https://support.apple.com/en-us/125887, and https://support.apple.com/en-us/125888 for detailed update instructions and verification of patch application.

Priority Score

28
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +28
POC: 0

Share

CVE-2025-46289 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy