Description
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6. An app may be able to access protected user data.
Published: 2025-07-29
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized access to protected user data
Action: Patch
AI Analysis

Impact

A downgrade vulnerability in macOS permits an application to bypass code‑signing restrictions and access protected user data. The weakness, classified as a downgrade attack, can allow any installed app to read or potentially modify data that should be confined to the user’s secure environment.

Affected Systems

Apple’s macOS operating system is affected. The issue is fixed in macOS Sequoia 15.6; all earlier releases are potentially vulnerable, though specific affected version ranges are not enumerated in the advisory.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, and the EPSS score of less than 1% suggests low likelihood of exploitation so far. The vulnerability is not listed in the CISA KEV catalog. Exploitation would likely require the delivery of a malicious or tampered application to the user, potentially via the App Store or other installation mechanisms. Successful exploitation would provide an attacker with access to confidential user data. The overall risk is moderate, but the attack surface is limited and no widespread exploitation has been reported yet.

Generated by OpenCVE AI on April 28, 2026 at 00:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to Sequoia 15.6 or newer to remove the downgrade flaw
  • Limit installation of applications from unverified developers by configuring Gatekeeper settings
  • Monitor for unexpected application behaviors or installations that may indicate a downgrade attempt

Advisories
Source ID Title
EUVD EUVD-2025-23100 A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6. An app may be able to access protected user data.
History

Tue, 28 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Title macOS Downgrade Vulnerability Allows Access to Protected User Data

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Thu, 31 Jul 2025 21:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 30 Jul 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-347
Metrics cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}
ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 30 Jul 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple macos Sequoia
Vendors & Products Apple
Apple macos
Apple macos Sequoia

Tue, 29 Jul 2025 23:45:00 +0000

Type Values Removed Values Added
Description A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6. An app may be able to access protected user data.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:10:59.501Z

Reserved: 2025-04-16T15:24:37.086Z

Link: CVE-2025-43185

Vulnrichment

Updated: 2025-11-03T19:59:11.412Z

NVD

Status: Modified

Published: 2025-07-30T00:15:31.497

Modified: 2025-11-03T20:18:49.530

Link: CVE-2025-43185

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T01:00:10Z

Weaknesses