{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-43522", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-04-16T15:27:21.197Z", "datePublished": "2025-12-12T20:57:04.786Z", "dateUpdated": "2026-04-02T18:26:43.102Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to access user-sensitive data"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "15.7.3", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.2", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data."}], "references": [{"url": "https://support.apple.com/en-us/125886"}, {"url": "https://support.apple.com/en-us/125887"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:26:43.102Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-347", "lang": "en", "description": "CWE-347 Improper Verification of Cryptographic Signature"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-12-15T19:26:12.188492Z", "id": "CVE-2025-43522", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T19:26:21.581Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43522", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-15T19:26:12.188492Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-347", "description": "CWE-347 Improper Verification of Cryptographic Signature"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T19:26:06.617Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.7", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.2", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/125887"}, {"url": "https://support.apple.com/en-us/125886"}], "descriptions": [{"lang": "en", "value": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3. An app may be able to access user-sensitive data."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to access user-sensitive data"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-12-17T20:47:19.262Z"}}}, "cveMetadata": {"cveId": "CVE-2025-43522", "state": "PUBLISHED", "dateUpdated": "2025-12-17T20:47:19.262Z", "dateReserved": "2025-04-16T15:27:21.197Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-12-12T20:57:04.786Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "E955E39D-E7C5-4951-BF50-08257F1BAC61", "versionEndExcluding": "15.7.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data."}], "id": "CVE-2025-43522", "lastModified": "2026-04-02T19:20:59.410", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-12-12T21:15:57.020", "references": [{"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/125886"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125887"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-347"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T22:31:44.474592+00:00", "value": {"mitigation_remediation": ["Install macOS Sequoia 15.7.3 or macOS Tahoe 26.2 to apply the code-signing restrictions that fix the downgrade flaw.", "Enable automatic updates on all Intel-based Mac devices to ensure that the latest security patches are applied promptly.", "Verify that any third\u2011party applications you install are properly code-signed by trusted developers to prevent downgrade attacks."], "summary": {"action": "Patch Now", "impact": "Information Disclosure via App Access to User Data"}, "threat_synthesis": {"affected_systems": "Apple macOS running on Intel processors. The vulnerability is fixed in macOS Sequoia 15.7.3 and macOS Tahoe 26.2, but earlier releases of Sequoia and Tahoe remain affected.", "description_and_impact": "A downgrade vulnerability affecting Intel-based Mac computers was addressed with additional code-signing restrictions. The flaw allows an application to gain unauthorized access to user-sensitive data. The weakness is categorized as CWE-347.", "risk_and_exploitability": "The CVSS score of 3.3 indicates low severity, and the EPSS score of less than 1% suggests a very low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the attack vector probably requires the ability to install or run unauthorized, incorrectly signed applications, which typically demands local user privileges or a compromised system. No public exploit is known and the risk to unpatched systems is considered modest but non\u2011negligible."}}}}, "created": "2025-12-14T21:15:18.787904+00:00", "title": "Downgrade Vulnerability Allowing Unauthorized Access to User Data on Intel-based macOS", "updated": "2026-04-27T22:45:15.465643+00:00", "vendors": ["apple", "apple$PRODUCT$macos", "apple$PRODUCT$macos_sequoia"], "weaknesses": ["CWE-347"]}