CVE-2025-43316Missing Authorization in Apple Macos

CWE-862Missing Authorization5 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 94.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple Visionos
Timeline
PublishedSep 15
Latest updateSep 16

Description

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26, visionOS 26. A malicious app may be able to gain root privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

CVEListV5apple/macos< 26
NVDapple/macos< 26.0
CVEListV5apple/visionos< 26
NVDapple/visionos< 26.0

🔴Vulnerability Details

2
GHSA
GHSA-jr92-g569-92j2: A permissions issue was addressed with additional restrictions2025-09-16
CVEList
CVE-2025-43316: A permissions issue was addressed with additional restrictions2025-09-15

📋Vendor Advisories

2
Apple
CVE-2025-43316: macOS Tahoe 262025-09-15
Apple
CVE-2025-43316: visionOS 262025-09-15
CVE-2025-43316 — Missing Authorization in Apple Macos | cvebase