CVE-2025-43358

high

Description

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7. A shortcut may be able to bypass sandbox restrictions.

References

https://thehackernews.com/2025/09/apple-backports-fix-for-cve-2025-43300.html

https://support.apple.com/en-us/125112

https://support.apple.com/en-us/125111

https://support.apple.com/en-us/125109

https://support.apple.com/en-us/125108

http://seclists.org/fulldisclosure/2025/Sep/55

http://seclists.org/fulldisclosure/2025/Sep/54

http://seclists.org/fulldisclosure/2025/Sep/53

http://seclists.org/fulldisclosure/2025/Sep/49

Details

Source: Mitre, NVD

Published: 2025-09-15

Updated: 2025-11-04

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00014

Detections

Analytics