Main Vulnerability Database Vulnerabilities #VU113507

#VU113507 Exposure of sensitive information to an unauthorized actor in macOS - CVE-2025-43259

Published: July 30, 2025

Vulnerability identifier: #VU113507

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-43259

CWE-ID: CWE-200

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows an attacker with physical access to the system to gain access to sensitive information.

The vulnerability exists due to excessive data output in WindowServer. An attacker with physical access to the system can view sensitive user information.

Remediation

Install update from vendor's website.

External links

https://support.apple.com/en-us/124149

#VU113507 Exposure of sensitive information to an unauthorized actor in macOS - CVE-2025-43259

Description

Remediation

External links

Please verify you're human