Description
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Tahoe 26. An app with root privileges may be able to access private information.
Published: 2025-09-15
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Confidentiality breach via Access Control
Action: Patch
AI Analysis

Impact

This vulnerability arises from missing entitlement checks that allow an executable running with root privileges to bypass access controls and read private data that should be protected. The flaw is classified as missing authorization and could lead to accidental or intentional exposure of confidential information by any root‑privileged application. The damage is limited to data confidentiality and does not involve denial of service or unauthorized code execution beyond the accessed data.

Affected Systems

The flaw affects Apple macOS systems running any version prior to the macOS Tahoe 26 release. Apple macOS is the sole vendor listed, and the issue is present in all earlier builds until the entitlement checks introduced in macOS Tahoe 26 mitigate the risk.

Risk and Exploitability

The CVSS score of 6.2 indicates a moderate severity. The EPSS score of less than 1 % suggests a low probability of exploitation at this time, and the vulnerability is not listed in the CISA KEV catalog. Exploitation likely requires a local root‑privileged app or the ability to execute code as root, meaning the attack vector is local. Because the flaw permits reads of private information but not broader system compromise, the overall risk is classified as moderate unless root access is widely distributed.

Generated by OpenCVE AI on April 28, 2026 at 10:42 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update your macOS installation to macOS Tahoe 26 or later, which includes entitlement checks that fix the issue.
  • Review and remove any applications that run with root privileges unless they are absolutely required.
  • Configure macOS Gatekeeper or equivalent security settings to enforce proper entitlement checks and restrict permission escalation for third‑party software.

Generated by OpenCVE AI on April 28, 2026 at 10:42 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-29299 This issue was addressed with additional entitlement checks. This issue is fixed in macOS Tahoe 26. An app with root privileges may be able to access private information.
History

Tue, 28 Apr 2026 11:00:00 +0000

Type Values Removed Values Added
Title Root Privilege Bypass of Private Data Access on macOS

Mon, 03 Nov 2025 19:30:00 +0000

Type Values Removed Values Added
References

Wed, 17 Sep 2025 14:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 17 Sep 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Tue, 16 Sep 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-862
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 15 Sep 2025 22:45:00 +0000

Type Values Removed Values Added
Description This issue was addressed with additional entitlement checks. This issue is fixed in macOS Tahoe 26. An app with root privileges may be able to access private information.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:20:32.896Z

Reserved: 2025-04-16T15:24:37.107Z

Link: CVE-2025-43318

cve-icon Vulnrichment

Updated: 2025-11-03T18:11:08.879Z

cve-icon NVD

Status : Modified

Published: 2025-09-15T23:15:34.843

Modified: 2025-11-03T19:16:00.247

Link: CVE-2025-43318

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T10:45:29Z

Weaknesses