CVE Catalog

CVE-2025-43278

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

7th percentile — higher than 7% of all known CVEs

Summary

This issue was addressed with improved handling of symlinks. An app may be able to access protected user data.

Risk Assessment

Access to protected user data by an app may lead to privacy breaches and data security issues.

Recommendation

It is recommended to update to macOS Sequoia 15.4 to secure the system against this vulnerability.

Original NVD description (English source)

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS