CVE-2025-46276
BaseFortify
Publication date: 2025-12-12
Last updated on: 2026-04-02
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | macos | to 14.8.3 (exc) |
| apple | macos | From 15.0 (inc) to 15.7.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an information disclosure issue where an app may be able to access sensitive user data due to insufficient privacy controls. It has been addressed by improving privacy controls in macOS Sonoma 14.8.3 and macOS Sequoia 15.7.3.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an app to access sensitive user data, which could lead to unauthorized disclosure of personal information. This type of information disclosure issue can negatively impact compliance with privacy regulations such as GDPR and HIPAA, which require protection of sensitive user data. The fixes implemented improve privacy controls and restrict unauthorized access, thereby helping to maintain compliance with these standards. [1, 2]
How can this vulnerability impact me? :
The vulnerability could allow an app to access sensitive user data without proper authorization, potentially leading to privacy breaches and unauthorized exposure of personal information.
What immediate steps should I take to mitigate this vulnerability?
Update your macOS system to macOS Sonoma 14.8.3 or macOS Sequoia 15.7.3 where this issue is fixed to mitigate the vulnerability.