216.73.217.176

CVE-2025-43407

· Published 04/11/2025 02:15 · Modified 17/12/2025 21:15

Labels: CVE-2025-43407 2025-11-04CVE-2025-43407CWE-284[email protected]

Essential information

Published
04/11/2025 02:15
Modified
17/12/2025 21:15
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

This issue was addressed with improved entitlements. This issue is fixed in tvOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, visionOS 26.1. An app may be able to break out of its sandbox.

NVD status

Status
Modified — CVE has been amended by a source (CVE Primary CNA or another CNA). Analysis data supplied by the NVD may be no longer be accurate due to these changes.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
apple / ipados cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
apple / iphone os cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
apple / macos cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
apple / macos cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
apple / tvos cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
apple / visionos cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

References