{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-43397", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-04-16T15:24:37.118Z", "datePublished": "2025-11-04T01:16:44.623Z", "dateUpdated": "2026-04-02T18:17:41.693Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to cause a denial-of-service"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "14.8.2", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "15.7.2", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause a denial-of-service."}], "references": [{"url": "https://support.apple.com/en-us/125634"}, {"url": "https://support.apple.com/en-us/125635"}, {"url": "https://support.apple.com/en-us/125636"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:17:41.693Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-863", "lang": "en", "description": "CWE-863 Incorrect Authorization"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-11-04T13:12:56.120256Z", "id": "CVE-2025-43397", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-04T13:12:58.763Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43397", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-04T13:12:56.120256Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-04T13:12:47.043Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "14.8", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.7", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/125636"}, {"url": "https://support.apple.com/en-us/125634"}, {"url": "https://support.apple.com/en-us/125635"}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to cause a denial-of-service."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to cause a denial-of-service"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-12-17T20:46:54.585Z"}}}, "cveMetadata": {"cveId": "CVE-2025-43397", "state": "PUBLISHED", "dateUpdated": "2025-12-17T20:46:54.585Z", "dateReserved": "2025-04-16T15:24:37.118Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-11-04T01:16:44.623Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "84A2783A-5B53-4DAB-80C4-8D62E332802A", "versionEndExcluding": "14.8.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BE8199E-63D1-496C-B107-52853CFC2311", "versionEndExcluding": "15.7.2", "versionStartIncluding": "15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause a denial-of-service."}], "id": "CVE-2025-43397", "lastModified": "2026-04-02T19:20:39.443", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-11-04T02:15:46.477", "references": [{"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/125634"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125635"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125636"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T23:15:36.386486+00:00", "value": {"mitigation_remediation": ["Apply the latest macOS update (Sequoia 15.7.2, Sonoma 14.8.2, or Tahoe 26.1) in order to remove the vulnerable code.", "Enable Gatekeeper and restrict installation of unsigned or unverified applications to prevent accidental deployment of malicious apps that could exploit the flaw.", "Monitor system logs for abnormal application crashes or resource depletion events that may signal a denial\u2011of\u2011service attempt after the update."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Apple macOS is affected when the flaw remains unpatched. The issue is resolved in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, and macOS Tahoe 26.1; therefore any older or earlier builds are vulnerable.", "description_and_impact": "A permissions flaw that allowed an application to trigger a denial\u2011of\u2011service was removed by eliminating the vulnerable code in recent macOS releases. The weakness, identified as a missing permission check (CWE\u2011863), lets a malicious or poorly designed app cause a crash or resource exhaustion, compromising availability of the affected system.", "risk_and_exploitability": "The CVSS score of 5.5 reflects moderate severity. An EPSS score of less than 1% indicates a very low likelihood of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is a local user or application that attempts to abuse the missing permission check; no evidence of remote exploitation is provided."}}}}, "created": "2025-11-04T16:34:22.618548+00:00", "title": "Denial-of-Service via Permissions Issue on macOS", "updated": "2026-04-27T23:30:15.496095+00:00", "vendors": ["apple", "apple$PRODUCT$macos", "apple$PRODUCT$macos_sequoia", "apple$PRODUCT$macos_sonoma"]}