This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1, tvOS 26.1. An app may be able to break out of its sandbox.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/125632 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125635 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125636 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125637 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125638 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Nov 2025, 14:39
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Apple tvos
Apple iphone Os Apple visionos Apple ipados Apple Apple macos |
|
| References | () https://support.apple.com/en-us/125632 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125635 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125636 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125637 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125638 - Release Notes, Vendor Advisory | |
| CPE | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
04 Nov 2025, 19:17
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-284 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
04 Nov 2025, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-11-04 02:15
Updated : 2025-11-05 14:39
NVD link : CVE-2025-43407
Mitre link : CVE-2025-43407
CVE.ORG link : CVE-2025-43407
JSON object : View
Products Affected
apple
- iphone_os
- visionos
- tvos
- ipados
- macos
CWE
CWE-284
Improper Access Control