Description
An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain access to Keychain items.
Published: 2025-07-29
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Keychain access via authorization flaw
Action: Apply update
AI Analysis

Impact

An authorization flaw in macOS allows a local attacker to access Keychain items by exploiting insufficient state verification. The weakness is identified as CWE-863 and could expose sensitive credentials stored in the Keychain.

Affected Systems

Apple macOS systems prior to macOS Sequoia 15.6 are affected; the issue is fixed in macOS Sequoia 15.6.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate risk, while the EPSS score of less than 1% points to a low likelihood of exploitation. The vulnerability is not listed in CISA KEV. It requires a local attacker with user privileges to manipulate state management and read Keychain data.

Generated by OpenCVE AI on April 28, 2026 at 00:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the macOS Sequoia 15.6 update or later to address the authorization issue
  • Restrict local account privileges and enforce least privilege on user accounts
  • Enable auditing of Keychain access to detect unauthorized read operations

Generated by OpenCVE AI on April 28, 2026 at 00:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-23074 An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain access to Keychain items.
History

Tue, 28 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Title Local Authorization Escalation to Access Keychain Items

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Thu, 31 Jul 2025 21:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Thu, 31 Jul 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-863
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 30 Jul 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple macos Sequoia
Vendors & Products Apple
Apple macos
Apple macos Sequoia

Tue, 29 Jul 2025 23:45:00 +0000

Type Values Removed Values Added
Description An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain access to Keychain items.
References

Subscriptions

Apple Macos Macos Sequoia
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:21:44.007Z

Reserved: 2025-04-16T15:24:37.092Z

Link: CVE-2025-43251

cve-icon Vulnrichment

Updated: 2025-11-03T20:03:05.257Z

cve-icon NVD

Status : Modified

Published: 2025-07-30T00:15:36.947

Modified: 2025-11-03T20:18:57.330

Link: CVE-2025-43251

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T01:00:10Z

Weaknesses