CVE-2025-43241

Vulnerability

Details

CVE-2025-43241 is a permissions bypass that allows an app to read files outside its sandbox. Apple’s advisory states the issue was addressed “with additional restrictions,” though no root-cause details have been published. The fix is included in macOS Sequoia 15.6, macOS Sonoma 14.7.7, and macOS Ventura 13.7.7 [1][2][3].

Exploitation

The vulnerability can be exploited by any application running on a vulnerable macOS version. No special privileges or user interaction beyond launching the malicious app are required. By exploiting the flawed permission checks, an app can escape its sandbox container and access files that should be off-limits [1][2][3].

Impact

A successful exploit gives the attacker read access to sensitive system or user files outside the app’s sandbox, potentially bypassing macOS’s primary security control for untrusted software. Apple rated the issue as Medium severity (CVSS v3.1 score 5.5) and did not indicate evidence of active exploitation [1][2][3].

Mitigation

All three affected macOS versions have been patched. Users should update to the latest minor version from System Settings. No workaround is available. Apple does not list this CVE on the Known Exploited Vulnerabilities catalog [1][2][3].