CVE-2025-43231 — Improper Authorization in Apple Macos

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 95.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 15

Latest updateSep 16

Description

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8. An app may be able to access user-sensitive data.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

▶CVEListV5apple/macos< 14.8

▶NVDapple/macos< 14.8

GHSA

GHSA-vv32-hv6m-3h59: A logic issue was addressed with improved checks↗2025-09-16

▶

CVEList

CVE-2025-43231: A logic issue was addressed with improved checks↗2025-09-15

▶

Apple

CVE-2025-43231: macOS Sonoma 14.8↗2025-09-15

▶