CVE-2025-43521
MEDIUMDescription
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access sensitive user data.
Is your site exposed to CVE-2025-43521?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| apple | macos |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2025-43521? +
How severe is CVE-2025-43521? +
What products are affected by CVE-2025-43521? +
How do I check if I'm vulnerable to CVE-2025-43521? +
Related Vulnerabilities
The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability …
DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase enterprise token handling can let TokenFilter#doFilter() …
The Microsoft 365 and Microsoft Entra ID Plugins for Moodle provide Office 365 and Azure Active Directory integration for Moodle. …
OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX …
Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed …
aes-gcm is a pure Rust implementation of the AES-GCM. In decrypt_in_place_detached, the decrypted ciphertext (which is the correct ciphertext) is …