← Back

CVE-2025-43513

nvd nist
Published: Dec 12, 2025Modified: Apr 2, 2026

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to read sensitive location information.

Affected (2)

Products: Apple: Macos
Apple
1 product
Macos
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Macos
Before 14.8.3
Macos
From 15.0 to 15.7.3

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (3)

Source: product-security@apple.com
Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Release NotesVendor Advisory

Timeline

No history available yet.