CVE-2025-43339
Description
A malicious app may access sensitive user data on macOS Tahoe due to inadequate sandbox restrictions, patched in version 26.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
An access issue exists in macOS Tahoe, affecting versions prior to 26.1, where a malicious application may bypass sandbox restrictions and access sensitive user data. The vulnerability is addressed with improved sandbox checks in macOS Tahoe 26.1 [1]. No further technical details about the affected component or configuration are disclosed in the available references.
Exploitation
An attacker would need to persuade a user to run a malicious app on an affected macOS Tahoe system. No additional privileges or network position beyond local execution are required based on the available information [1]. The specific exploitation steps are not detailed in the references.
Impact
Successful exploitation allows a malicious app to access sensitive user data, such as personal files or credentials, violating confidentiality protections provided by the macOS sandbox. The scope of compromise is limited to the data accessible to the app sandbox in the vulnerable configuration [1].
Mitigation
The issue is fixed in macOS Tahoe 26.1, released on November 3, 2025 [1]. Users should update to this version via Software Update or Apple's security update mechanism. No workarounds are provided. The vulnerability is not listed as known exploited.
AI Insight generated on Jun 11, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
- Range: <26.1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
No source-code context is available for this CVE. The mechanics section is generated only when we can read the actual fix diff; without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References: 1
News mentions: 0
No linked articles in our index yet.