High Severity Vulnerability
This vulnerability has been rated as High severity. Immediate action is recommended.
CVE-2025-43257
High
Low
Medium
High
Critical
8.7
CVSS Score
Vulnerability Description
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.6. An app may be able to break out of its sandbox.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Attack Vector
L
Attack Complexity
L
Privileges Required
L
User Interaction
N
Scope
C
Confidentiality
H
Integrity
H
Availability
L
Known Affected Software
133 configuration(s) from 1 vendor(s)
macos
Version:
15.4
CPE:
cpe:2.3:o:apple:macos:15.4:*:*:*:*:*:*:*
macos
Version:
13.6.2
CPE:
cpe:2.3:o:apple:macos:13.6.2:*:*:*:*:*:*:*
macos
Version:
14.3
CPE:
cpe:2.3:o:apple:macos:14.3:*:*:*:*:*:*:*
macos
Version:
13.7.8
CPE:
cpe:2.3:o:apple:macos:13.7.8:*:*:*:*:*:*:*
macos
Version:
14.4
CPE:
cpe:2.3:o:apple:macos:14.4:*:*:*:*:*:*:*
macos
Version:
13.7.4
CPE:
cpe:2.3:o:apple:macos:13.7.4:*:*:*:*:*:*:*
macos
Version:
15.0
CPE:
cpe:2.3:o:apple:macos:15.0:*:*:*:*:*:*:*
macos
Version:
11.6.2
CPE:
cpe:2.3:o:apple:macos:11.6.2:*:*:*:*:*:*:*
macos
Version:
13.8
CPE:
cpe:2.3:o:apple:macos:13.8:*:*:*:*:*:*:*
macos
Version:
13.6.3
CPE:
cpe:2.3:o:apple:macos:13.6.3:*:*:*:*:*:*:*
macos
Version:
1.0
CPE:
cpe:2.3:o:apple:macos:1.0:*:*:*:*:*:*:*
macos
Version:
11.7.2
CPE:
cpe:2.3:o:apple:macos:11.7.2:*:*:*:*:*:*:*
macos
Version:
12.7.5
CPE:
cpe:2.3:o:apple:macos:12.7.5:*:*:*:*:*:*:*
macos
Version:
13.7.5
CPE:
cpe:2.3:o:apple:macos:13.7.5:*:*:*:*:*:*:*
macos
Version:
12.7
CPE:
cpe:2.3:o:apple:macos:12.7:*:*:*:*:*:*:*
macos
Version:
11.6.8
CPE:
cpe:2.3:o:apple:macos:11.6.8:*:*:*:*:*:*:*
macos
Version:
11.6.1
CPE:
cpe:2.3:o:apple:macos:11.6.1:*:*:*:*:*:*:*
macos
Version:
13.2.1
CPE:
cpe:2.3:o:apple:macos:13.2.1:*:*:*:*:*:*:*
macos
Version:
12.7.1
CPE:
cpe:2.3:o:apple:macos:12.7.1:*:*:*:*:*:*:*
macos
Version:
9.0
CPE:
cpe:2.3:o:apple:macos:9.0:*:*:*:*:*:*:*
macos
Version:
11.6.3
CPE:
cpe:2.3:o:apple:macos:11.6.3:*:*:*:*:*:*:*
macos
Version:
11.6.6
CPE:
cpe:2.3:o:apple:macos:11.6.6:*:*:*:*:*:*:*
macos
Version:
7.6
CPE:
cpe:2.3:o:apple:macos:7.6:*:*:*:*:*:*:*
macos
Version:
14.7.6
CPE:
cpe:2.3:o:apple:macos:14.7.6:*:*:*:*:*:*:*
macos
Version:
11.2
CPE:
cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:*
macos
Version:
11.1
CPE:
cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:*
macos
Version:
14.4.1
CPE:
cpe:2.3:o:apple:macos:14.4.1:*:*:*:*:*:*:*
macos
Version:
13.5.2
CPE:
cpe:2.3:o:apple:macos:13.5.2:*:*:*:*:*:*:*
macos
Version:
11.6
CPE:
cpe:2.3:o:apple:macos:11.6:*:*:*:*:*:*:*
macos
Version:
11.3
CPE:
cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:*
macos
Version:
12.4
CPE:
cpe:2.3:o:apple:macos:12.4:*:*:*:*:*:*:*
macos
Version:
10.15.7
CPE:
cpe:2.3:o:apple:macos:10.15.7:supplemental_update:*:*:*:*:*:*
macos
Version:
8.6
CPE:
cpe:2.3:o:apple:macos:8.6:*:*:*:*:*:*:*
macos
Version:
8.1
CPE:
cpe:2.3:o:apple:macos:8.1:*:*:*:*:*:*:*
macos
Version:
12.6.4
CPE:
cpe:2.3:o:apple:macos:12.6.4:*:*:*:*:*:*:*
macos
Version:
11.7.9
CPE:
cpe:2.3:o:apple:macos:11.7.9:*:*:*:*:*:*:*
macos
Version:
14.7.3
CPE:
cpe:2.3:o:apple:macos:14.7.3:*:*:*:*:*:*:*
macos
Version:
12.6.2
CPE:
cpe:2.3:o:apple:macos:12.6.2:*:*:*:*:*:*:*
macos
Version:
13.3.3
CPE:
cpe:2.3:o:apple:macos:13.3.3:*:*:*:*:*:*:*
macos
Version:
12.1
CPE:
cpe:2.3:o:apple:macos:12.1:*:*:*:*:*:*:*
macos
Version:
13.7
CPE:
cpe:2.3:o:apple:macos:13.7:*:*:*:*:*:*:*
macos
Version:
11.7
CPE:
cpe:2.3:o:apple:macos:11.7:*:*:*:*:*:*:*
macos
Version:
12.7.6
CPE:
cpe:2.3:o:apple:macos:12.7.6:*:*:*:*:*:*:*
macos
Version:
14.1
CPE:
cpe:2.3:o:apple:macos:14.1:*:*:*:*:*:*:*
macos
Version:
13.4.1
CPE:
cpe:2.3:o:apple:macos:13.4.1:*:*:*:*:*:*:*
macos
Version:
12.6.6
CPE:
cpe:2.3:o:apple:macos:12.6.6:*:*:*:*:*:*:*
macos
Version:
13.6.4
CPE:
cpe:2.3:o:apple:macos:13.6.4:*:*:*:*:*:*:*
macos
Version:
15.1.1
CPE:
cpe:2.3:o:apple:macos:15.1.1:*:*:*:*:*:*:*
macos
Version:
13.7.7
CPE:
cpe:2.3:o:apple:macos:13.7.7:*:*:*:*:*:*:*
macos
Version:
14.1.1
CPE:
cpe:2.3:o:apple:macos:14.1.1:*:*:*:*:*:*:*
macos
Version:
7.5.3
CPE:
cpe:2.3:o:apple:macos:7.5.3:*:*:*:*:*:*:*
macos
Version:
11.0.1
CPE:
cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:*
macos
Version:
13.6.1
CPE:
cpe:2.3:o:apple:macos:13.6.1:*:*:*:*:*:*:*
macos
Version:
14.7.2
CPE:
cpe:2.3:o:apple:macos:14.7.2:*:*:*:*:*:*:*
macos
Version:
14.2.1
CPE:
cpe:2.3:o:apple:macos:14.2.1:*:*:*:*:*:*:*
macos
Version:
13.7.2
CPE:
cpe:2.3:o:apple:macos:13.7.2:*:*:*:*:*:*:*
macos
Version:
13.7.3
CPE:
cpe:2.3:o:apple:macos:13.7.3:*:*:*:*:*:*:*
macos
Version:
12.6.9
CPE:
cpe:2.3:o:apple:macos:12.6.9:*:*:*:*:*:*:*
macos
Version:
14.7.8
CPE:
cpe:2.3:o:apple:macos:14.7.8:*:*:*:*:*:*:*
macos
Version:
15.5
CPE:
cpe:2.3:o:apple:macos:15.5:*:*:*:*:*:*:*
macos
Version:
14.8.1
CPE:
cpe:2.3:o:apple:macos:14.8.1:*:*:*:*:*:*:*
macos
Version:
12.6.8
CPE:
cpe:2.3:o:apple:macos:12.6.8:*:*:*:*:*:*:*
macos
Version:
15.3.2
CPE:
cpe:2.3:o:apple:macos:15.3.2:*:*:*:*:*:*:*
macos
Version:
11.7.3
CPE:
cpe:2.3:o:apple:macos:11.7.3:*:*:*:*:*:*:*
macos
Version:
13.0.0
CPE:
cpe:2.3:o:apple:macos:13.0.0:*:*:*:*:*:*:*
macos
Version:
11.4
CPE:
cpe:2.3:o:apple:macos:11.4:*:*:*:*:*:*:*
macos
Version:
11.7.5
CPE:
cpe:2.3:o:apple:macos:11.7.5:*:*:*:*:*:*:*
macos
Version:
11.5
CPE:
cpe:2.3:o:apple:macos:11.5:*:*:*:*:*:*:*
macos
Version:
12.6.1
CPE:
cpe:2.3:o:apple:macos:12.6.1:*:*:*:*:*:*:*
macos
Version:
14.6
CPE:
cpe:2.3:o:apple:macos:14.6:*:*:*:*:*:*:*
macos
Version:
11.6.5
CPE:
cpe:2.3:o:apple:macos:11.6.5:*:*:*:*:*:*:*
macos
Version:
14.8
CPE:
cpe:2.3:o:apple:macos:14.8:*:*:*:*:*:*:*
macos
Version:
13.3
CPE:
cpe:2.3:o:apple:macos:13.3:*:*:*:*:*:*:*
macos
Version:
12.7.3
CPE:
cpe:2.3:o:apple:macos:12.7.3:*:*:*:*:*:*:*
macos
Version:
12.0
CPE:
cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*
macos
Version:
14.8.2
CPE:
cpe:2.3:o:apple:macos:14.8.2:*:*:*:*:*:*:*
macos
Version:
12.6
CPE:
cpe:2.3:o:apple:macos:12.6:*:*:*:*:*:*:*
macos
Version:
14.7.5
CPE:
cpe:2.3:o:apple:macos:14.7.5:*:*:*:*:*:*:*
macos
Version:
9
CPE:
cpe:2.3:o:apple:macos:9:*:*:*:*:*:*:*
macos
Version:
15.2
CPE:
cpe:2.3:o:apple:macos:15.2:*:*:*:*:*:*:*
macos
Version:
12.0.0
CPE:
cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*
macos
Version:
12.7.2
CPE:
cpe:2.3:o:apple:macos:12.7.2:*:*:*:*:*:*:*
macos
Version:
12.6.3
CPE:
cpe:2.3:o:apple:macos:12.6.3:*:*:*:*:*:*:*
macos
Version:
11.7.7
CPE:
cpe:2.3:o:apple:macos:11.7.7:*:*:*:*:*:*:*
macos
Version:
11.5.1
CPE:
cpe:2.3:o:apple:macos:11.5.1:*:*:*:*:*:*:*
macos
Version:
12.2
CPE:
cpe:2.3:o:apple:macos:12.2:*:*:*:*:*:*:*
macos
Version:
14.5
CPE:
cpe:2.3:o:apple:macos:14.5:*:*:*:*:*:*:*
macos
Version:
11.6.7
CPE:
cpe:2.3:o:apple:macos:11.6.7:*:*:*:*:*:*:*
macos
Version:
13.6
CPE:
cpe:2.3:o:apple:macos:13.6:*:*:*:*:*:*:*
macos
Version:
15.3.1
CPE:
cpe:2.3:o:apple:macos:15.3.1:*:*:*:*:*:*:*
macos
Version:
11.2.1
CPE:
cpe:2.3:o:apple:macos:11.2.1:*:*:*:*:*:*:*
macos
Version:
13.6.8
CPE:
cpe:2.3:o:apple:macos:13.6.8:*:*:*:*:*:*:*
macos
Version:
7.6.1
CPE:
cpe:2.3:o:apple:macos:7.6.1:*:*:*:*:*:*:*
macos
Version:
13.6.5
CPE:
cpe:2.3:o:apple:macos:13.6.5:*:*:*:*:*:*:*
macos
Version:
14.2
CPE:
cpe:2.3:o:apple:macos:14.2:*:*:*:*:*:*:*
macos
Version:
13.4
CPE:
cpe:2.3:o:apple:macos:13.4:*:*:*:*:*:*:*
macos
Version:
14.7.1
CPE:
cpe:2.3:o:apple:macos:14.7.1:*:*:*:*:*:*:*
macos
Version:
15.4.1
CPE:
cpe:2.3:o:apple:macos:15.4.1:*:*:*:*:*:*:*
macos
Version:
11.7.1
CPE:
cpe:2.3:o:apple:macos:11.7.1:*:*:*:*:*:*:*
macos
Version:
15.1
CPE:
cpe:2.3:o:apple:macos:15.1:*:*:*:*:*:*:*
macos
Version:
11.3.1
CPE:
cpe:2.3:o:apple:macos:11.3.1:*:*:*:*:*:*:*
macos
Version:
13.2
CPE:
cpe:2.3:o:apple:macos:13.2:*:*:*:*:*:*:*
macos
Version:
12.2.1
CPE:
cpe:2.3:o:apple:macos:12.2.1:*:*:*:*:*:*:*
macos
Version:
11.0
CPE:
cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:*
macos
Version:
11.7.10
CPE:
cpe:2.3:o:apple:macos:11.7.10:*:*:*:*:*:*:*
macos
Version:
13.7.6
CPE:
cpe:2.3:o:apple:macos:13.7.6:*:*:*:*:*:*:*
macos
Version:
12.3
CPE:
cpe:2.3:o:apple:macos:12.3:*:*:*:*:*:*:*
macos
Version:
13.6.7
CPE:
cpe:2.3:o:apple:macos:13.6.7:*:*:*:*:*:*:*
macos
Version:
12.5
CPE:
cpe:2.3:o:apple:macos:12.5:*:*:*:*:*:*:*
macos
Version:
11.7.8
CPE:
cpe:2.3:o:apple:macos:11.7.8:*:*:*:*:*:*:*
macos
Version:
13.5
CPE:
cpe:2.3:o:apple:macos:13.5:*:*:*:*:*:*:*
macos
Version:
12.6.5
CPE:
cpe:2.3:o:apple:macos:12.6.5:*:*:*:*:*:*:*
macos
Version:
13.0
CPE:
cpe:2.3:o:apple:macos:13.0:*:*:*:*:*:*:*
macos
Version:
14.1.2
CPE:
cpe:2.3:o:apple:macos:14.1.2:*:*:*:*:*:*:*
macos
Version:
11.7.6
CPE:
cpe:2.3:o:apple:macos:11.7.6:*:*:*:*:*:*:*
macos
Version:
12.6.7
CPE:
cpe:2.3:o:apple:macos:12.6.7:*:*:*:*:*:*:*
macos
Version:
14.7
CPE:
cpe:2.3:o:apple:macos:14.7:*:*:*:*:*:*:*
macos
Version:
15.3
CPE:
cpe:2.3:o:apple:macos:15.3:*:*:*:*:*:*:*
macos
Version:
8.0
CPE:
cpe:2.3:o:apple:macos:8.0:*:*:*:*:*:*:*
macos
Version:
13.7.1
CPE:
cpe:2.3:o:apple:macos:13.7.1:*:*:*:*:*:*:*
macos
Version:
12.7.4
CPE:
cpe:2.3:o:apple:macos:12.7.4:*:*:*:*:*:*:*
macos
Version:
12.0.1
CPE:
cpe:2.3:o:apple:macos:12.0.1:*:*:*:*:*:*:*
macos
Version:
13.0.1
CPE:
cpe:2.3:o:apple:macos:13.0.1:*:*:*:*:*:*:*
macos
Version:
13.6.6
CPE:
cpe:2.3:o:apple:macos:13.6.6:*:*:*:*:*:*:*
macos
Version:
14.7.7
CPE:
cpe:2.3:o:apple:macos:14.7.7:*:*:*:*:*:*:*
macos
Version:
14.0
CPE:
cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*
macos
Version:
13.3.1
CPE:
cpe:2.3:o:apple:macos:13.3.1:*:*:*:*:*:*:*
macos
Version:
12.5.1
CPE:
cpe:2.3:o:apple:macos:12.5.1:*:*:*:*:*:*:*
macos
Version:
8.5
CPE:
cpe:2.3:o:apple:macos:8.5:*:*:*:*:*:*:*
macos
Version:
13.1
CPE:
cpe:2.3:o:apple:macos:13.1:*:*:*:*:*:*:*
macos
Version:
11.1.0
CPE:
cpe:2.3:o:apple:macos:11.1.0:*:*:*:*:*:*:*
macos
Version:
12.3.1
CPE:
cpe:2.3:o:apple:macos:12.3.1:*:*:*:*:*:*:*
macos
Version:
14.7.4
CPE:
cpe:2.3:o:apple:macos:14.7.4:*:*:*:*:*:*:*
This vulnerability affects 133 software configuration(s). Ensure you patch all affected systems.
Severity Details
8.7
out of 10.0
High
Weakness Type (CWE)
CWE-59
Improper Link Resolution Before File Access ('Link Following')
- Description
- The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
- Exploit Likelihood
- Medium
- Typical Severity
- Medium
- Abstraction Level
- Base
Key Information
- Published Date
- April 02, 2026
