CVE-2025-43413
BaseFortify
Publication date: 2025-11-04
Last updated on: 2026-04-02
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | safari | to 26.1 (exc) |
| apple | ipados | to 26.1 (exc) |
| apple | iphone_os | to 26.1 (exc) |
| apple | macos | to 14.8.2 (exc) |
| apple | macos | From 15.0 (inc) to 15.7.2 (exc) |
| apple | visionos | to 26.1 (exc) |
| apple | watchos | to 26.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-693 | The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves an access issue where a sandboxed application may be able to observe system-wide network connections, which it should not normally be able to do. The issue was addressed by adding additional sandbox restrictions in various Apple operating systems.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow a sandboxed app to monitor network connections across the entire system, potentially exposing sensitive network activity or data to unauthorized applications.
What immediate steps should I take to mitigate this vulnerability?
Update your devices to the fixed versions: visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, watchOS 26.1, iOS 26.1, iPadOS 26.1, or tvOS 26.1 to apply the sandbox restrictions that address this vulnerability.