Description
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.
Published: 2025-11-04
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information disclosure of user-sensitive data
Action: Apply Patch
AI Analysis

Impact

A flaw in macOS entitlement validation allows a malicious application to retrieve sensitive data belonging to the user. The vulnerability is a classic information disclosure weakness (CWE-200) in which inadequate permission checks allow access to private data. If exploited, an attacker running a malicious app could read data such as user credentials, personal documents, or other confidential files without the user's explicit consent, harming confidentiality and potentially leading to broader compromise.

Affected Systems

The flaw affects macOS releases prior to the security updates Sequoia 15.7.2, Sonoma 14.8.2 and Tahoe 26.1. All earlier versions on those macOS release lines are potentially vulnerable unless the fix has been applied. The issue is specific to Apple's macOS, so any installation of an affected release is at risk.

Risk and Exploitability

With a CVSS score of 5.5 the vulnerability is of moderate severity, reflecting its limited exploitation scope. The EPSS score of less than 1% indicates that observed exploitation in the wild is very rare, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local, requiring an application to run with user privileges; the attacker must obtain or trigger execution of an app that can bypass the entitlement checks. No network-based attack is described, so the exposure is primarily to users who run malicious apps on their device.

Generated by OpenCVE AI on April 27, 2026 at 23:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to Sequoia 15.7.2, Sonoma 14.8.2, or Tahoe 26.1 to include the entitlement check fix
  • Enable Gatekeeper to only allow applications from the Mac App Store and identified developers, reducing the chance that malicious apps run
  • Run a reliable antivirus or XProtect scan to detect and remove malicious applications that might exploit the flaw

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 23:30:00 +0000

Title
  Values added: Apple macOS User Sensitive Data Exposure via Entitlement Check Bypass

Thu, 02 Apr 2026 20:30:00 +0000

Description
  Values removed: This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access user-sensitive data.
  Values added: This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.

Wed, 17 Dec 2025 21:00:00 +0000

Description
  Values removed: This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access user-sensitive data.
  Values added: This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access user-sensitive data.
References

Tue, 04 Nov 2025 16:45:00 +0000

First Time appeared
  Values added: Apple macos Sequoia, Apple macos Sonoma
Vendors & Products
  Values added: Apple macos Sequoia, Apple macos Sonoma

Tue, 04 Nov 2025 16:30:00 +0000

First Time appeared
  Values added: Apple, Apple macos
CPEs
  Values added: cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products
  Values added: Apple, Apple macos

Tue, 04 Nov 2025 15:15:00 +0000

Weaknesses
  Values added: CWE-200
Metrics
  Values added:
    cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}
    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 04 Nov 2025 01:45:00 +0000

Description
  Values added: This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access user-sensitive data.
References

Subscriptions

Apple Macos Macos Sequoia Macos Sonoma
MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:24:12.767Z

Reserved: 2025-04-16T15:24:37.121Z

Link: CVE-2025-43411

Vulnrichment

Updated: 2025-11-04T14:58:24.635Z

NVD

Status : Modified

Published: 2025-11-04T02:15:47.403

Modified: 2026-04-02T19:20:41.763

Link: CVE-2025-43411

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-27T23:15:06Z

Weaknesses