This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps.
History

Wed, 30 Jul 2025 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-266
Metrics cvssV3_1

{'score': 5.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 30 Jul 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma
Vendors & Products Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma

Tue, 29 Jul 2025 23:45:00 +0000

Type Values Removed Values Added
Description This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2025-07-29T23:35:56.054Z

Updated: 2025-07-30T15:17:52.220Z

Reserved: 2025-04-16T15:24:37.097Z

Link: CVE-2025-43260

cve-icon Vulnrichment

Updated: 2025-07-30T15:16:08.209Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-30T00:15:37.587

Modified: 2025-07-31T18:42:37.870

Link: CVE-2025-43260

cve-icon Redhat

No data.