CVE-2025-43231
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-15
Last updated on: 2025-11-03
Assigner: Apple Inc.
Description
Description
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8. An app may be able to access user-sensitive data.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | macos | to 14.8 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a logic issue that was addressed by improving checks in the system. It could allow an app to access user-sensitive data improperly.
How can this vulnerability impact me? :
An app exploiting this vulnerability may be able to access sensitive user data without proper authorization, potentially compromising your privacy and security.
What immediate steps should I take to mitigate this vulnerability?
Update your system to macOS Sonoma 14.8 or later, where this issue is fixed. Avoid running untrusted applications that may attempt to access user-sensitive data until the update is applied.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70