{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-43527", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-04-16T15:27:21.197Z", "datePublished": "2025-12-12T20:56:31.854Z", "dateUpdated": "2026-04-02T18:14:22.444Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to gain root privileges"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "15.7.3", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.2", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to gain root privileges."}], "references": [{"url": "https://support.apple.com/en-us/125886"}, {"url": "https://support.apple.com/en-us/125887"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:14:22.444Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43527", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-14T04:56:10.687989Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-280", "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T16:07:41.674Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43527", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-13T22:43:54.426350Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-280", "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges "}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-13T22:43:35.881Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.7", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.2", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/125887"}, {"url": "https://support.apple.com/en-us/125886"}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3. An app may be able to gain root privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to gain root privileges"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-12-17T20:46:43.164Z"}}}, "cveMetadata": {"cveId": "CVE-2025-43527", "state": "PUBLISHED", "dateUpdated": "2025-12-17T20:46:43.164Z", "dateReserved": "2025-04-16T15:27:21.197Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-12-12T20:56:31.854Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "E955E39D-E7C5-4951-BF50-08257F1BAC61", "versionEndExcluding": "15.7.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to gain root privileges."}], "id": "CVE-2025-43527", "lastModified": "2026-04-02T19:20:59.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-12-12T21:15:57.207", "references": [{"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/125886"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125887"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-280"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T20:45:01.103951+00:00", "value": {"mitigation_remediation": ["Update macOS to Sequoia\u202f15.7.3 or Tahoe\u202f26.2.", "If an update is not immediately possible, restrict or disable the installation and execution of non\u2011Apple\u2011signed applications to reduce the risk of privilege escalation.", "Enable and regularly review system audit logs for unexpected root\u2011level activity to detect any exploitation attempts early."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation to Root"}, "threat_synthesis": {"affected_systems": "Apple macOS is affected, specifically versions of macOS\u202fSequoia and macOS\u202fTahoe that are older than Sequoia\u202f15.7.3 and Tahoe\u202f26.2. The security update that addresses the issue is available in those releases; earlier releases remain vulnerable.", "description_and_impact": "The vulnerability is a permissions issue that can allow a user\u2011level application to obtain root privileges, constituting a local privilege escalation. The weakness corresponds to CWE\u2011280, inadequate access control, and would enable an attacker who can execute code as a normal user to perform any operation the operating system permits, including installing software, modifying critical system files, and bypassing security controls.", "risk_and_exploitability": "The CVSS score of 7.8 indicates a high severity risk. The EPSS score of less than 1% suggests that exploitation is unlikely at present, and the vulnerability is not listed in CISA's KEV catalog, indicating no known exploits. The attack vector is inferred to be local, as the flaw requires that a malicious application be run by a user\u2014there are no network\u2011based remote triggers documented."}}}}, "created": "2025-12-14T21:15:51.463378+00:00", "title": "macOS Permissions Escalation Allowing Apps to Gain Root Privileges", "updated": "2026-04-22T20:45:27.090857+00:00", "vendors": ["apple", "apple$PRODUCT$macos"]}