CVE-2025-43296
BaseFortify
Publication date: 2025-10-09
Last updated on: 2025-10-20
Assigner: Apple Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | macos | all releases before 26.0 (macOS Tahoe 26 is the fixed release; 26.0 itself is not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-703 | The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product. |
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
| CWE-693 | The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. |
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Update to macOS Tahoe 26 or later; that is the release in which Apple fixed the logic issue that lets an app bypass Gatekeeper checks. [1]
How can this vulnerability impact me?
Gatekeeper is what checks downloaded software (its code signature and notarization) before it first runs. An app that bypasses those checks can execute on an affected Mac without that verification, so malicious or untrusted software could run, leading to unauthorized code execution or the installation of harmful software.
Can you explain this vulnerability to me?
This vulnerability is a logic issue in macOS releases before Tahoe 26 that allows an app to bypass Gatekeeper checks; Apple addressed it with improved validation in macOS Tahoe 26. Gatekeeper is the macOS mechanism meant to ensure that only trusted (signed and notarized) software runs, and this flaw lets an app circumvent that protection.
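The checks a practitioner would run to triage this across a fleet, as an added example (POSIX shell) that is not code from the BaseFortify page or from Apple: a numeric dotted-version comparison against the fixed release 26.0 and, when run on an actual Mac, the live macOS version, the Gatekeeper status, and Gatekeeper's own assessment of a given app bundle. The names `FIXED_VERSION`, `version_ge`, `is_fixed` and `assess_app` are chosen here; `sw_vers`, `spctl` and `xattr` are the standard macOS command-line tools.

```shell
#!/bin/sh
# Added triage example for CVE-2025-43296; not code from BaseFortify or Apple.
# Helper names (FIXED_VERSION, version_ge, is_fixed, assess_app) are chosen here.

FIXED_VERSION="26.0"   # macOS Tahoe 26, the release that carries Apple's fix

# version_ge A B: succeed (exit 0) when dotted version A >= B. Components are
# compared numerically, so 15.7.1 < 26.0 < 26.0.1 and 26 == 26.0.
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"
        [ -z "$ai" ] && ai=0
        [ -z "$bi" ] && bi=0
        [ "$ai" -gt "$bi" ] && return 0
        [ "$ai" -lt "$bi" ] && return 1
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    return 0
}

# is_fixed VERSION: print "patched" when VERSION already includes the fix,
# otherwise "vulnerable".
is_fixed() {
    if version_ge "$1" "$FIXED_VERSION"; then echo patched; else echo vulnerable; fi
}

# assess_app PATH: on a Mac, show whether the bundle still carries the
# com.apple.quarantine attribute (which is what triggers a Gatekeeper check on
# first launch) and what Gatekeeper's assessment of the bundle is.
assess_app() {
    xattr -p com.apple.quarantine "$1" 2>/dev/null || echo "no quarantine attribute on $1"
    spctl --assess --type execute -v "$1"
}

# Live report. sw_vers and spctl exist only on macOS, so this part is skipped
# on other systems and the helpers above remain usable for offline checks.
if command -v sw_vers >/dev/null 2>&1; then
    ver="$(sw_vers -productVersion)"
    echo "macOS $ver: $(is_fixed "$ver") against CVE-2025-43296"
    spctl --status          # expect "assessments enabled"
    if [ -n "$1" ]; then assess_app "$1"; fi
fi
```

Run it as `sh gatekeeper_check.sh /Applications/Example.app`. Note the caveat: this CVE is about an app evading Gatekeeper's check, so `spctl --assess` reporting a bundle as rejected does not prove the bypass cannot occur on an unpatched system. The commands only confirm the installed version and that assessment is enabled; the update to macOS Tahoe 26 is the fix.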