CVE-2025-43471
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-12
Last updated on: 2025-12-16
Assigner: Apple Inc.
Description
Description
The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | macos | to 26.1 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves an issue in macOS where an app may be able to access sensitive user data due to insufficient checks. The problem was addressed and fixed in macOS Tahoe 26.1 by implementing improved checks.
How can this vulnerability impact me? :
The vulnerability could allow an app to access sensitive user data without proper authorization, potentially leading to privacy breaches or unauthorized data exposure.
What immediate steps should I take to mitigate this vulnerability?
Update your macOS system to version Tahoe 26.1 or later, as this version includes the fix with improved checks to prevent the vulnerability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70