{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-43281", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-04-16T15:24:37.101Z", "datePublished": "2025-10-15T20:00:47.073Z", "dateUpdated": "2026-04-02T18:09:18.165Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "A local attacker may be able to elevate their privileges"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "15.6", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges."}], "references": [{"url": "https://support.apple.com/en-us/124149"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:09:18.165Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43281", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-17T03:55:33.389631Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T16:57:27.639Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43281", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-17T03:55:33.389631Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-16T14:39:15.701Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.6", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/124149"}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "A local attacker may be able to elevate their privileges"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-10-15T20:00:47.073Z"}}}, "cveMetadata": {"cveId": "CVE-2025-43281", "state": "PUBLISHED", "dateUpdated": "2026-02-26T16:57:27.639Z", "dateReserved": "2025-04-16T15:24:37.101Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-10-15T20:00:47.073Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "077E4BB7-4A8B-4D18-BCD7-2938A2B8B9C8", "versionEndExcluding": "15.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges."}], "id": "CVE-2025-43281", "lastModified": "2026-02-26T18:22:23.047", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-10-15T20:15:35.033", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/124149"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T23:41:17.277086+00:00", "value": {"mitigation_remediation": ["Upgrade to macOS Sequoia\u202f15.6 or any newer release to apply the authentication fix", "Use device hardening practices such as enforcing strong password policies, enabling account lockouts after multiple failures, and disabling unnecessary login methods", "Restrict physical and local access to systems by employing security controls such as secure boot, tamper\u2011evident enclosures, and remote management policies to reduce the chance of local privilege escalation"], "summary": {"action": "Patch update", "impact": "Local privilege escalation through authentication flaw"}, "threat_synthesis": {"affected_systems": "Apple macOS systems, particularly those running releases before Sequoia 15.6, are vulnerable. Apple explicitly states that the issue is corrected in macOS Sequoia 15.6. Any macOS version older than that that has not received this update remains at risk.\n", "description_and_impact": "A flaw in the authentication mechanism of macOS allows a local attacker to gain elevated privileges on the affected system. The weakness corresponds to CWE\u2011287, indicating that the authentication process can be bypassed or compromised, potentially giving the attacker full control of the machine. This flaw can be exploited when the attacker has local access, such as physical presence or an active local session, and can therefore use the elevated privileges to manipulate system settings, access sensitive data, or install malicious software.\n", "risk_and_exploitability": "The CVSS score of 7.8 reflects a high severity for local privilege escalation. The EPSS score of less than 1% suggests that the exploitation probability is very low at this time, and the vulnerability is not listed in CISA\u2019s KEV catalog, indicating no known widespread exploitation. The likely attack vector is local, requiring an attacker to be present on the target machine or otherwise have local code execution capability. Once exploited, the attacker can elevate privileges, potentially compromising the entire system\u2019s integrity and confidentiality."}}}}, "created": "2025-10-21T09:40:51.750051+00:00", "updated": "2026-04-27T23:45:15.893333+00:00", "vendors": ["apple", "apple$PRODUCT$macos", "apple$PRODUCT$macos_sequoia"]}