CVE-2025-43261

CVE-2025-43261

Information

CVE_ID              : CVE-2025-43261
Severity            : CRITICAL
Published        : 2025-07-30T00:15:37.693
LastModified  : 2025-11-03T20:18:58.513
Updated          : 2025-11-03T20:18:58.513
Status              : Modified

Descriptions:

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.


Know Exploitability

Exploitability : False

Vendor Affected

apple

CVE-2025-43261

V4.0

V3.1

Score : 9.8
Severity : CRITICAL
Attack Vector : NETWORK
Attack Complexity : LOW
Privileges Required : NONE
User Interaction : NONE
Scope : UNCHANGED
Confidentiality Impact : HIGH
Integrity Impact : HIGH
Availability Impact : HIGH
Exploitability : 3.9
Impact Score : 5.9

V3.0

V2.0

References

https://support.apple.com/en-us/124149

https://support.apple.com/en-us/124150

https://support.apple.com/en-us/124151

http://seclists.org/fulldisclosure/2025/Jul/32

http://seclists.org/fulldisclosure/2025/Jul/33

http://seclists.org/fulldisclosure/2025/Jul/34

Vendor Product
apple
  • macos*****
  • macos*****
  • macos*****