Sensitive Data Exposure in macOS Products by Apple
CVE-2025-43530

5.5MEDIUM

Key Information:

Vendor: Apple
Status: iOS And iPad OS; Mac OS
Vendor: CVE Published:; 12 December 2025

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2025-43530?

A vulnerability in macOS could allow unauthorized applications to access sensitive user data. This issue has been addressed in the latest updates for macOS Sonoma and macOS Sequoia, enhancing security measures to prevent such unauthorized access. Users are encouraged to update their operating systems to the latest versions to protect their data.

Affected Version(s)

iOS and iPadOS 0 < 18.7.3

macOS 0 < 14.8.3

macOS 0 < 15.7.3

News Articles

Cyber Press

CVE-2025-43530

New macOS TCC Bypass Vulnerability Allows Attackers to Access Sensitive User Data

By exploiting a private API within the ScreenReader.framework ,a core component of the VoiceOver accessibility feature malicious actors can gain unauthorized access to sensitive user data.

References

https://support.apple.com/en-us/125885

https://support.apple.com/en-us/125886

https://support.apple.com/en-us/125887

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jan 6, 2026
📰
First article discovered by Cyber Press
Jan 6, 2026
Vulnerability published
Dec 12, 2025
Vulnerability Reserved
Apr 16, 2025

CVE-2025-43530 Data

JSON