Description
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory.
Published: 2025-09-15
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory disclosure of coprocessor data
Action: Patch
AI Analysis

Impact

The vulnerability is an out-of-bounds read (CWE-125) that allows an application to read data beyond a buffer boundary and potentially access coprocessor memory. A successful exploit could expose sensitive information stored in the coprocessor, such as cryptographic keys or personal data, thereby compromising confidentiality. The flaw is read-only: the CVSS vector rates integrity and availability impact as none (I:N/A:N), and the flaw does not provide execution privileges. The CVSS score of 5.5 indicates a moderate impact.

Affected Systems

The flaw is present in Apple macOS versions older than macOS Tahoe 26; macOS Tahoe 26 and later contain a fix with improved bounds checking. Any macOS installation using a version prior to this release is susceptible.

Risk and Exploitability

The EPSS score of less than 1% reflects a very low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog, indicating no proven active exploitation. The CVSS vector (AV:L/PR:N/UI:R) describes a local attack that needs no prior privileges but does require user interaction: a malicious app run by the user could trigger the read to obtain coprocessor data. Because the issue does not enable code execution, the risk is moderate but merits remediation to protect confidential coprocessor information.

Generated by OpenCVE AI on April 28, 2026 at 10:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade macOS to version 26 (macOS Tahoe) or later to receive the fixed bounds‑checking code.
  • Restrict installation of untrusted applications and enforce Gatekeeper to prevent execution of unsigned or compromised binaries.
  • Monitor Apple security advisories for any additional mitigation guidance or new exploits.

Advisories
Source: EUVD
ID: EUVD-2025-29353
Title: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory.

History

Tue, 28 Apr 2026 11:15:00 +0000

Type Values Removed Values Added
Title Coprocessor Memory Disclosure via Out‑of‑Bounds Read in macOS

Mon, 03 Nov 2025 19:30:00 +0000

Type Values Removed Values Added
References

Wed, 17 Sep 2025 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 17 Sep 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Tue, 16 Sep 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-125
Metrics cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}
ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 15 Sep 2025 22:45:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:07:53.612Z

Reserved: 2025-04-16T15:24:37.114Z

Link: CVE-2025-43366

Vulnrichment

Updated: 2025-09-16T13:41:22.912Z

NVD

Status: Modified

Published: 2025-09-15T23:15:38.143

Modified: 2025-11-03T19:16:04.663

Link: CVE-2025-43366

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T11:00:14Z

Weaknesses