- Description
- A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to bypass certain Privacy preferences.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- macos
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-284
- Hype score
- Not currently trending
macOS 15.6 came with a few CVEs: CVE-2025-43199: I have no idea whivh bug this is yet :) CVE-2025-43232: collab with @theevilbit CVE-2025-43268: classified as kernel but I reported anything like that All in all: it's chaos as usual, but patch your systems ASAP!
@gergely_kalman
29 Jul 2025
3601 Impressions
7 Retweets
57 Likes
9 Bookmarks
8 Replies
0 Quotes
🍎🐛macos 15.6 is out, a few new CVEs and mentions... NetAuth Impact: An app may be able to break out of its sandbox CVE-2025-43275 PackageKit Impact: An app may be able to bypass certain Privacy preferences CVE-2025-43232 CoreUtils We would like to acknowledge...
@theevilbit
29 Jul 2025
3095 Impressions
6 Retweets
47 Likes
9 Bookmarks
5 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32DF9916-8A45-426F-BA36-FC73FD668828",
"versionEndExcluding": "13.7.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F043DE0-C517-463D-9693-53789EB6132D",
"versionEndExcluding": "14.7.7",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF17CE2-DB4B-48D1-81AF-67EF1EC7BB45",
"versionEndExcluding": "15.6",
"versionStartIncluding": "15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]