CVE-2025-43240Improper Check or Handling of Exceptional Conditions in Apple Macos

CWE-703Improper Check or Handling of Exceptional Conditions10 documents8 sources
Severity
6.2MEDIUMNVD
EPSS
0.1%
top 82.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple Safari
Timeline
PublishedJul 30
Latest updateAug 19

Description

A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. A download's origin may be incorrectly associated.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.5 | Impact: 3.6

Affected Packages4 packages

CVEListV5apple/macos< 15.6
NVDapple/macos< 15.6
CVEListV5apple/safari< 18.6
NVDapple/safari< 18.6

🔴Vulnerability Details

4
GHSA
GHSA-2c58-jp5q-q38f: A logic issue was addressed with improved checks2025-07-30
OSV
CVE-2025-43240: A logic issue was addressed with improved checks2025-07-30
OSV
CVE-2025-43240: A logic issue was addressed with improved checks2025-07-30
CVEList
CVE-2025-43240: A logic issue was addressed with improved checks2025-07-29

📋Vendor Advisories

5
Ubuntu
WebKitGTK vulnerabilities2025-08-19
Apple
CVE-2025-43240: Safari 18.62025-07-30
Apple
CVE-2025-43240: macOS Sequoia 15.62025-07-29
Red Hat
webkitgtk: A download’s origin may be incorrectly associated2025-07-29
Debian
CVE-2025-43240: webkit2gtk - A logic issue was addressed with improved checks. This issue is fixed in Safari ...2025
CVE-2025-43240 — Apple Macos vulnerability | cvebase