Sandbox Escape Vulnerability in Apple's Xcode Software
CVE-2025-43371

8.2 HIGH

Key Information:

Vendor: Apple

Status
Vendor
CVE Published: 15 September 2025

What is CVE-2025-43371?

A vulnerability in Apple's Xcode software may allow applications to escape their designated sandbox environments, potentially leading to unauthorized access to system resources. This issue emphasizes the importance of stringent security measures in app development. The vulnerability has been addressed in Xcode version 26, which includes improved checks to prevent such exploits.

Affected Version(s)

Xcode < 26

CVSS V3.1

Score: 8.2
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
