CVE-2025-43207 — Improper Access Control in Apple Macos

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 97.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 15

Latest updateSep 16

Description

This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

▶CVEListV5apple/macos< 26

▶NVDapple/macos< 26.0

GHSA

GHSA-99ff-699p-48ph: This issue was addressed with improved entitlements↗2025-09-16

▶

CVEList

CVE-2025-43207: This issue was addressed with improved entitlements↗2025-09-15

▶

Apple

CVE-2025-43207: macOS Tahoe 26↗2025-09-15

▶