CVE-2025-43198 - Vulnerability Details

- Unauthorized Access to Protected macOS User Data

Description

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data.

Published: 2025-07-29

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability was mitigated by removing the specific code that allowed an application to read protected user data, indicating that before the fix an attacker’s application could potentially read sensitive information. The weakness falls under Incorrect Access Control (CWE‑284), which can lead to unauthorized disclosure of data owned by the user or the system. The description does not detail the sensor it acts on, however the fix statement implies that the code path was dangerous enough to warrant removal entirely.

Affected Systems

Apple’s macOS operating system is affected, specifically versions released before macOS Sequoia 15.6 and before macOS Sonoma 14.7.7. Users running earlier releases of these macOS branches are vulnerable until they apply the update that contains the removal of the problematic code.

Risk and Exploitability

With a CVSS score of 9.8 the vulnerability is considered critical. The EPSS score of less than 1% indicates that, at present, the probability of exploitation in the wild is very low, and the vulnerability is not reported as a known exploited vulnerability in the CISA KEV catalog. The likely attack vector is local, where a malicious or compromised application runs with user privileges and exploits the flawed access control to read protected data. No remote exploitation vector is indicated in the available information.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Apple

macOS

affected

Version	Status	Constraints
`0`	affected	< 14.7.7
`0`	affected	< 15.6

Configuration 1 [-]

OR	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::

No data.

Vendor	Product	Confidence	Versions
Apple	Macos	—	—
Apple	Macos Sequoia	—	—
Apple	Macos Sonoma	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest macOS update that contains the fix (macOS Sequoia 15.6 or later, macOS Sonoma 14.7.7 or later).
If an upgrade is not immediately possible, limit the execution of untrusted third‑party applications and enforce sandboxing to restrict access to protected system resources.
Monitor system logs for attempts to read protected user data and review application permissions to detect potential misuse.

Generated by OpenCVE AI on April 28, 2026 at 00:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-23092	This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00111.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
http://seclists.org/fulldisclosure/2025/Jul/32
http://seclists.org/fulldisclosure/2025/Jul/33
https://support.apple.com/en-us/124149
https://support.apple.com/en-us/124150

History

Tue, 28 Apr 2026 01:00:00 +0000

Type	Values Removed	Values Added
Title		Unauthorized Access to Protected macOS User Data

Mon, 03 Nov 2025 20:30:00 +0000

Type	Values Removed	Values Added
References		http://seclists.org/fulldisclosure/2025/Jul/32 http://seclists.org/fulldisclosure/2025/Jul/33

Thu, 31 Jul 2025 21:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:apple:macos::::::::

Wed, 30 Jul 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 30 Jul 2025 18:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-284
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Wed, 30 Jul 2025 11:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple macos Apple macos Sequoia Apple macos Sonoma
Vendors & Products		Apple Apple macos Apple macos Sequoia Apple macos Sonoma

Tue, 29 Jul 2025 23:45:00 +0000

Type	Values Removed	Values Added
Description		This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data.
References		https://support.apple.com/en-us/124149 https://support.apple.com/en-us/124150

Subscriptions

Apple Macos Macos Sequoia Macos Sonoma

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2025-07-29T23:35:28.810Z

Updated: 2026-04-02T18:14:24.920Z

Reserved: 2025-04-16T15:24:37.087Z

Link: CVE-2025-43198

Vulnrichment

Updated: 2025-07-30T13:25:20.245Z

NVD

Status : Modified

Published: 2025-07-30T00:15:32.710

Modified: 2025-11-03T20:18:51.400

Link: CVE-2025-43198

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T00:45:17Z

Weaknesses

CWE-284

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object