Main Vulnerability Database Vulnerabilities #VU113530

Improper error handling in macOS - CVE-2025-43276

Published: July 31, 2025 / Updated: July 31, 2025

Vulnerability identifier: #VU113530

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-43276

CWE-ID: CWE-388

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper error handling in the OS kernel. The iCloud Private Relay may not be activated when more than one user is logged in at the same time, leading to information disclosure.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/124149

Improper error handling in macOS - CVE-2025-43276

Description

Remediation

External links

Please verify you're human