{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-43256", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-04-16T15:24:37.096Z", "datePublished": "2025-07-29T23:29:24.803Z", "dateUpdated": "2026-04-02T18:24:25.070Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to gain root privileges"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "14.7.7", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "15.6", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges."}], "references": [{"url": "https://support.apple.com/en-us/124149"}, {"url": "https://support.apple.com/en-us/124150"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:24:25.070Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43256", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-31T03:56:05.841517Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T17:50:10.540Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jul/33"}, {"url": "http://seclists.org/fulldisclosure/2025/Jul/32"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:03:20.388Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jul/33"}, {"url": "http://seclists.org/fulldisclosure/2025/Jul/32"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:03:20.388Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43256", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-31T03:56:05.841517Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-30T13:28:36.710Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "14.7", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/124149"}, {"url": "https://support.apple.com/en-us/124150"}], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to gain root privileges"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-07-29T23:35:59.580Z"}}}, "cveMetadata": {"cveId": "CVE-2025-43256", "state": "PUBLISHED", "dateUpdated": "2025-11-03T20:03:20.388Z", "dateReserved": "2025-04-16T15:24:37.096Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-07-29T23:29:24.803Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "7DFBF0AD-85A8-451E-91EC-A95F57D51924", "versionEndExcluding": "14.7.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CF17CE2-DB4B-48D1-81AF-67EF1EC7BB45", "versionEndExcluding": "15.6", "versionStartIncluding": "15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges."}, {"lang": "es", "value": "Este problema se solucion\u00f3 mejorando la gesti\u00f3n de estado. Est\u00e1 corregido en macOS Sequoia 15.6 y macOS Sonoma 14.7.7. Es posible que una aplicaci\u00f3n obtenga privilegios de root."}], "id": "CVE-2025-43256", "lastModified": "2025-11-03T20:18:58.083", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-07-30T00:15:37.373", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/124149"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/124150"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jul/32"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jul/33"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T00:53:20.673587+00:00", "value": {"mitigation_remediation": ["Upgrade to macOS Sequoia\u202f15.6 or macOS\u202fSonoma\u202f14.7.7 to deploy the state\u2011management fix.", "If an update cannot be applied immediately, restrict the use of the vulnerable application by disabling it or running it within a sandboxed environment to limit privilege escalation.", "Continuously monitor system logs for indications of privileged process launches and consider strengthening system integrity controls such as full disk encryption and context\u2011aware access policies."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Apple macOS installations running versions earlier than Sequoia 15.6 or Sonoma 14.7.7 are vulnerable. The patch introduces improved state handling that prevents the escalation path. Users should assess whether their current macOS version precedes the specified fixes.", "description_and_impact": "This vulnerability arises from improper state management in macOS, allowing a local application to acquire root privileges. The weakness is a classic privilege escalation flaw, identified as CWE\u2011269. The CVSS score of 7.8 indicates high severity, meaning that any successful exploitation would grant an attacker full system control.", "risk_and_exploitability": "The EPSS score of less than 1% suggests that, as of the latest data, the likelihood of this exploit being actively used is very low and the vulnerability is not recorded in the CISA KEV catalog. However, the nature of the flaw still grants unrestricted system access; the attack vector is inferred to be local, requiring the attacker to run a malicious or compromised application on the affected machine. Given the high criticality of root access, organizations should not wait for external exploitation reports before applying the fix."}}}}, "created": "2025-07-30T10:14:05.807030+00:00", "title": "Privilege Escalation via Improper State Management in macOS", "updated": "2026-04-28T01:00:10.110815+00:00", "vendors": ["apple", "apple$PRODUCT$macos", "apple$PRODUCT$macos_sequoia", "apple$PRODUCT$macos_sonoma"]}