CVE-2025-43512

Published: Dec 12, 2025Modified: Apr 2, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to elevate privileges.

Affected (2)

Products: Apple: Macos

Apple

1 product

Macos

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Macos	Before 14.8.3
Apple Macos	From 15.0 to 15.7.3

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (4)

https://support.apple.com/en-us/125885

Source: product-security@apple.com

https://support.apple.com/en-us/125886

Source: product-security@apple.com

https://support.apple.com/en-us/125887

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/125888

Source: product-security@apple.com

Release NotesVendor Advisory

Timeline

No history available yet.