This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access protected user data.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Apple |
|
No data.
References
History
Wed, 05 Nov 2025 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
Tue, 04 Nov 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-59 | |
| Metrics |
cvssV3_1
|
Tue, 04 Nov 2025 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple macos Apple macos Sequoia Apple macos Sonoma |
|
| Vendors & Products |
Apple
Apple macos Apple macos Sequoia Apple macos Sonoma |
Tue, 04 Nov 2025 01:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access protected user data. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2025-11-04T01:16:06.557Z
Updated: 2025-11-04T19:07:51.607Z
Reserved: 2025-04-16T15:24:37.118Z
Link: CVE-2025-43395
Vulnrichment
Updated: 2025-11-04T19:07:40.696Z
NVD
Status : Analyzed
Published: 2025-11-04T02:15:46.277
Modified: 2025-11-05T14:39:43.080
Link: CVE-2025-43395
Redhat
No data.