Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. USB Restricted Mode may not be applied to accessories connected during boot.
Published: 2025-09-15
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: USB Restricted Mode not enforced during boot
Action: Update
AI Analysis

Impact

A permissions defect caused the USB Restricted Mode feature to be ignored for accessories that are connected to a macOS system before the operating system starts. The result is that devices attached during the pre‑OS phase can interact with the machine without the intended security restrictions. This represents an improper access control flaw, as the system fails to enforce the constraints that the mode is supposed to provide. The official description does not confirm escalation of privileges or arbitrary code execution, but the condition could allow an attacker to insert a malicious accessory that operates before boot security measures are applied.

Affected Systems

Apple macOS installations running a version earlier than macOS Tahoe 26 are vulnerable. The fix shipped in macOS Tahoe 26, so every older release remains susceptible.

Risk and Exploitability

The CVSS score of 5.1 indicates medium severity. The EPSS score of less than 1% suggests a low probability of exploitation at the time of analysis. The vulnerability is not listed in CISA's KEV catalog, indicating no known large‑scale exploitation campaigns. Because the fault is triggered by a USB device connected prior to boot, attackers would need physical access to the machine before it starts, which limits the threat to environments where such access is possible.

Generated by OpenCVE AI on April 28, 2026 at 18:42 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the system to macOS Tahoe 26 or a later release to obtain the vendor patch
  • Verify that USB Restricted Mode remains enabled after the update
  • Restrict physical access to the device and avoid connecting untrusted USB accessories during the boot process until the update is applied



Advisories
Source | ID | Title
EUVD | EUVD-2025-29350 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. USB Restricted Mode may not be applied to accessories connected during boot.
History

Tue, 28 Apr 2026 19:00:00 +0000

Type Values Removed Values Added
Title USB Restricted Mode Bypass for Pre‑Boot USB Devices

Mon, 03 Nov 2025 19:30:00 +0000

Type Values Removed Values Added
References

Wed, 17 Sep 2025 13:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 17 Sep 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Tue, 16 Sep 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 16 Sep 2025 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-358
Metrics cvssV3_1

{'score': 5.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}


Mon, 15 Sep 2025 22:45:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. USB Restricted Mode may not be applied to accessories connected during boot.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:08:04.279Z

Reserved: 2025-04-16T15:24:37.097Z

Link: CVE-2025-43262

Vulnrichment

Updated: 2025-11-03T18:09:49.075Z

NVD

Status: Modified

Published: 2025-09-15T23:15:31.020

Modified: 2025-11-03T19:15:55.100

Link: CVE-2025-43262

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T18:45:15Z

Weaknesses