CVE-2025-43191: An app may be able to cause a denial-of-service in Apple macOS
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.
AI Analysis
Technical Summary
CVE-2025-43191 is a vulnerability in Apple macOS identified as a path traversal or improper path handling issue (CWE-22). This flaw allows a local application to cause a denial-of-service condition by exploiting insufficient validation of file system paths. Specifically, an app can craft path inputs that the system fails to properly sanitize, leading to resource exhaustion or system instability that results in a crash or hang. The vulnerability affects multiple macOS versions prior to Sequoia 15.6, Sonoma 14.7.7, and Ventura 13.7.7, where Apple has implemented improved validation to mitigate the issue. The CVSS v3.1 base score is 6.2, reflecting a medium severity level, with attack vector Local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H) without affecting confidentiality or integrity. No public exploits have been reported, indicating the threat is currently theoretical but could be leveraged by malicious local apps or insiders to disrupt system availability. This vulnerability primarily impacts the availability of macOS systems, potentially causing denial-of-service conditions that interrupt business operations or critical services running on affected devices.
Potential Impact
For European organizations, the primary impact is disruption of availability on macOS endpoints, which could affect business continuity, especially in environments relying on Apple hardware for critical operations. Denial-of-service conditions could interrupt user productivity, delay workflows, or cause downtime in services hosted or managed on macOS systems. While confidentiality and integrity are not directly impacted, repeated or targeted exploitation could degrade trust in system reliability. Organizations with mixed OS environments that include macOS devices may face operational challenges if these devices become unstable. The lack of required privileges or user interaction lowers the barrier for exploitation by local threat actors or compromised applications, increasing risk in environments with less stringent application controls. However, the absence of known exploits in the wild suggests immediate risk is moderate but warrants proactive patching and monitoring.
Mitigation Recommendations
European organizations should prioritize updating macOS devices to versions Sequoia 15.6, Sonoma 14.7.7, or Ventura 13.7.7 or later, where the vulnerability is fixed. Implement strict application control policies to limit installation and execution of untrusted or unsigned local applications that could exploit this flaw. Employ endpoint detection and response (EDR) solutions to monitor for unusual application behaviors or system crashes indicative of exploitation attempts. Conduct regular audits of macOS systems to ensure compliance with patch management policies. Educate users about the risks of running unverified software locally. For environments with critical macOS infrastructure, consider network segmentation and limiting local user privileges to reduce the attack surface. Maintain backups and incident response plans to quickly recover from potential denial-of-service events.
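The patch-level check behind the first recommendation, as an added example (not part of the original advisory): a POSIX shell script that classifies a macOS version against the fixed releases named above. The function names, host names and inventory are constructed for illustration; `sw_vers -productVersion` is the standard macOS command for the local version. Major releases other than 13, 14 and 15 are reported as `unlisted` because this page names no fixed version for them.

```shell
#!/bin/sh
# Added example: compare macOS versions with the fixed releases in the advisory
# (Sequoia 15.6, Sonoma 14.7.7, Ventura 13.7.7).

# version_ge A B: succeed when dotted version A >= B, comparing fields as
# numbers (so 15.10 > 15.6); missing fields count as 0.
version_ge() {
    va=$1; vb=$2; i=0
    while [ "$i" -lt 3 ]; do
        fa=${va%%.*}; fb=${vb%%.*}
        case $va in *.*) va=${va#*.} ;; *) va= ;; esac
        case $vb in *.*) vb=${vb#*.} ;; *) vb= ;; esac
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -gt "$fb" ]; then return 0; fi
        if [ "$fa" -lt "$fb" ]; then return 1; fi
        i=$((i + 1))
    done
    return 0
}

# patch_status VERSION: print patched, vulnerable, unlisted or invalid.
patch_status() {
    v=$1
    case $v in ''|*[!0-9.]*) echo invalid; return 0 ;; esac
    case ${v%%.*} in
        13) fixed=13.7.7 ;;
        14) fixed=14.7.7 ;;
        15) fixed=15.6 ;;
        *)  echo unlisted; return 0 ;;  # no fixed version given on this page
    esac
    if version_ge "$v" "$fixed"; then echo patched; else echo vulnerable; fi
}

# audit_inventory: read "host version" lines on stdin, print "host status".
audit_inventory() {
    while read -r host ver; do
        [ -n "$host" ] || continue
        printf '%s %s\n' "$host" "$(patch_status "$ver")"
    done
}

# Constructed sample inventory (hypothetical hosts), used off macOS.
SAMPLE_INVENTORY='mac-build-01 15.5
mac-design-02 15.6.1
mac-lab-03 14.7.6
mac-kiosk-04 13.7.7
mac-old-05 12.7.6'

if command -v sw_vers >/dev/null 2>&1; then
    patch_status "$(sw_vers -productVersion)"
else
    printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory
fi
```

Feed `audit_inventory` an export from the device-management inventory to list hosts that still need the update.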
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Norway, Finland, Denmark, Ireland, Switzerland
Technical Details
- Data Version: 5.1
- Assigner Short Name: apple
- Date Reserved: 2025-04-16T15:24:37.087Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 68896129ad5a09ad0091c5a5
Added to database: 7/30/2025, 12:02:49 AM
Last enriched: 11/4/2025, 1:53:14 AM
Last updated: 12/1/2025, 12:13:04 PM