Main Vulnerability Database Vulnerabilities #VU118055

#VU118055 Improper access control in macOS - CVE-2025-43408

Published: November 4, 2025

Vulnerability identifier: #VU118055

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-43408

CWE-ID: CWE-284

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in Share Sheet. An attacker with physical access to device can view contacts from the lock screen.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/125634

#VU118055 Improper access control in macOS - CVE-2025-43408

Description

Remediation

External links

Please verify you're human