216.73.217.80

CVE-2025-43298

· Published 15/09/2025 23:15 · Modified 16/09/2025 14:15

Labels: CVE-2025-43298 2025-09-15CVE-2025-43298CWE-41[email protected]

Essential information

Published
15/09/2025 23:15
Modified
16/09/2025 14:15
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
apple / macos sequoia cpe:2.3:o:apple:macos_sequoia:15.7:*:*:*:*:*:*:*
apple / macos sonoma cpe:2.3:o:apple:macos_sonoma:14.8:*:*:*:*:*:*:*
apple / macos tahoe cpe:2.3:o:apple:macos_tahoe:26:*:*:*:*:*:*:*

References