CVE-2025-43195_CVE-2025-43195

5.5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Description

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.

Basic Information

ID CVE-2025-43195

Source apple

Published Jul 29, 2025 at 23:35

Modified Jul 30, 2025 at 18:06

Affected Product

Vendor Apple

Product macOS

Version unspecified

Affected Versions Apple macOS unspecified
Apple macOS unspecified
Apple macOS unspecified

CWE Classification

CWE-20

References

{
    "lastseen": "",
    "description": "An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.",
    "published": "2025-07-29T23:35:37.194Z",
    "modified": "2025-07-30T18:06:43.518Z",
    "type": "cve",
    "title": "CVE-2025-43195",
    "source": "apple",
    "references": "https://support.apple.com/en-us/124149\nhttps://support.apple.com/en-us/124150\nhttps://support.apple.com/en-us/124151",
    "id": "CVE-2025-43195",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "Apple macOS unspecified\nApple macOS unspecified\nApple macOS unspecified",
    "sourceHref": "",
    "cvss": {
        "score": 5.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "macOS",
    "version": "unspecified",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}