CVE-2025-43403 Apple CVE debrief

Who should care

macOS administrators and users responsible for maintaining system security posture, particularly those managing endpoints with sensitive user data. Organizations with compliance requirements around data confidentiality should prioritize patching.

Technical summary

This vulnerability stems from improper authorization (CWE-285) in macOS state management. A local attacker can exploit this with user interaction to gain high confidentiality impact—accessing sensitive user data without proper authorization. The attack requires no privileges but does need user interaction, with low complexity. Affected systems include macOS versions before 14.8.4 and versions 15.0 through 15.7.3. The fix involves improved state management to properly enforce authorization checks.

Defensive priority

medium

Recommended defensive actions

• Apply the relevant macOS security update: macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, or macOS Tahoe 26.
• Review application permissions and restrict unnecessary access to sensitive data.
• Monitor for unusual application behavior or unauthorized data access attempts.
• Ensure endpoint security tools are updated to detect potential exploitation attempts.

Evidence notes

CVE published 2026-02-11; modified 2026-05-26. CPE criteria confirm affected versions: macOS before 14.8.4 and 15.0 through 15.7.3. CVSS 3.1 vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N. Weakness: CWE-285.

Official resources