CVE-2025-43291_CVE-2025-43291

5.5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Description

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system.

Basic Information

ID CVE-2025-43291

Source apple

Published Sep 15, 2025 at 22:34

Modified Sep 16, 2025 at 18:09

Affected Product

Vendor Apple

Product macOS

Version unspecified

Affected Versions Apple macOS unspecified
Apple macOS unspecified
Apple macOS unspecified

CWE Classification

CWE-284

References

{
    "lastseen": "",
    "description": "A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system.",
    "published": "2025-09-15T22:34:46.960Z",
    "modified": "2025-09-16T18:09:35.571Z",
    "type": "cve",
    "title": "CVE-2025-43291",
    "source": "apple",
    "references": "https://support.apple.com/en-us/125112\nhttps://support.apple.com/en-us/125110\nhttps://support.apple.com/en-us/125111",
    "id": "CVE-2025-43291",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "Apple macOS unspecified\nApple macOS unspecified\nApple macOS unspecified",
    "sourceHref": "",
    "cvss": {
        "score": 5.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "macOS",
    "version": "unspecified",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}