CVE-2025-43304

HIGH

macOS <14.8-15.7 - Privilege Escalation

Title source: llm

Description

A race condition was addressed with improved state handling. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to gain root privileges.

References (5)

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/125111

[Release Notes, Vendor Advisory] https://support.apple.com/en-us/125112

[Mailing List] http://seclists.org/fulldisclosure/2025/Sep/53

[Mailing List] http://seclists.org/fulldisclosure/2025/Sep/54

[Mailing List] http://seclists.org/fulldisclosure/2025/Sep/55

Scores

CVSS v3 7.0

EPSS 0.0001

EPSS Percentile 1.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-362

Status published

Affected Products (1)

apple/macos < 14.8

Timeline

Published Sep 15, 2025

Tracked Since Feb 18, 2026