Description
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.
Published: 2025-11-04
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Data Access
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a downgrade issue on Intel-based Macs that allows applications to bypass newer code‑signing restrictions. By exploiting this weakness, a malicious or compromised app could gain unauthorized access to sensitive user data. This flaw is classified as CWE‑347, a downgrade output vulnerability, meaning the system can accept a less secure version of a signature or code component.

Affected Systems

Affected systems are Intel‑based Mac computers running macOS up to but not including the versions that contain the fix (macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1). Any earlier releases on Intel processors are potentially vulnerable. The fix is applied via updates distributed by Apple.

Risk and Exploitability

The CVSS score of 5.5 categorizes the vulnerability as moderate in severity, and the EPSS score of less than 1 % indicates a very low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to run a malicious application on the target machine; the likely vector is local delivery, such as installing a rogue app or distributing compromised software that takes advantage of the downgrade in code‑signing enforcement. Because the issue stems from reduced trust in system signatures, a successful exploitation would primarily enable confidential data disclosure rather than immediate system compromise.

Generated by OpenCVE AI on April 22, 2026 at 21:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the macOS update that contains the fix (macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, or macOS Tahoe 26.1).
  • Configure Gatekeeper to require signed applications, preventing the execution of unsigned or low‑trust code.
  • Inspect installed applications for unexpected or unsigned binaries, especially those that may access sensitive user data, and remove any that are questionable.

Generated by OpenCVE AI on April 22, 2026 at 21:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 22:15:00 +0000

Type Values Removed Values Added
Title Downgrade Issue Allows Apps to Access Sensitive User Data on Intel-Based macOS

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access sensitive user data. A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.

Wed, 17 Dec 2025 21:00:00 +0000

Type Values Removed Values Added
Description A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access sensitive user data. A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access sensitive user data.
References

Wed, 05 Nov 2025 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Wed, 05 Nov 2025 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-347
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

Tue, 04 Nov 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 04 Nov 2025 17:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Tue, 04 Nov 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma
Vendors & Products Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma

Tue, 04 Nov 2025 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Tue, 04 Nov 2025 01:45:00 +0000

Type Values Removed Values Added
Description A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access sensitive user data.
References

Subscriptions

Apple Macos Macos Sequoia Macos Sonoma
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:08:49.787Z

Reserved: 2025-04-16T15:24:37.126Z

Link: CVE-2025-43468

cve-icon Vulnrichment

Updated: 2025-11-04T16:09:19.736Z

cve-icon NVD

Status : Modified

Published: 2025-11-04T02:15:51.610

Modified: 2026-04-02T19:20:51.250

Link: CVE-2025-43468

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T22:00:18Z

Weaknesses