CVE-2025-43270: An app may gain unauthorized access to Local Network in Apple macOS
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may gain unauthorized access to Local Network.
AI Analysis
Technical Summary
This vulnerability involves an access control weakness (CWE-284) in Apple macOS that could allow an application to gain unauthorized access to the Local Network. The issue was mitigated by Apple through enhanced sandbox restrictions. The CVSS v3.1 base score is 8.8, reflecting a high severity with local attack vector, low attack complexity, low privileges required, no user interaction, and a scope change affecting confidentiality, integrity, and availability. The fix is included in macOS Sequoia 15.6, Sonoma 14.7.7, and Ventura 13.7.7.
Potential Impact
An attacker controlling a local application with limited privileges could exploit this vulnerability to access the Local Network without authorization. This could lead to full compromise of confidentiality, integrity, and availability of network resources accessible from the local machine. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Apple has released official fixes for this vulnerability in macOS Sequoia 15.6, macOS Sonoma 14.7.7, and macOS Ventura 13.7.7. Users and administrators should apply these updates promptly to remediate the issue. No additional mitigation steps are indicated beyond applying the official patches.
CVE-2025-43270: An app may gain unauthorized access to Local Network in Apple macOS
Description
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may gain unauthorized access to Local Network.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves an access control weakness (CWE-284) in Apple macOS that could allow an application to gain unauthorized access to the Local Network. The issue was mitigated by Apple through enhanced sandbox restrictions. The CVSS v3.1 base score is 8.8, reflecting a high severity with local attack vector, low attack complexity, low privileges required, no user interaction, and a scope change affecting confidentiality, integrity, and availability. The fix is included in macOS Sequoia 15.6, Sonoma 14.7.7, and Ventura 13.7.7.
Potential Impact
An attacker controlling a local application with limited privileges could exploit this vulnerability to access the Local Network without authorization. This could lead to full compromise of confidentiality, integrity, and availability of network resources accessible from the local machine. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Apple has released official fixes for this vulnerability in macOS Sequoia 15.6, macOS Sonoma 14.7.7, and macOS Ventura 13.7.7. Users and administrators should apply these updates promptly to remediate the issue. No additional mitigation steps are indicated beyond applying the official patches.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- apple
- Date Reserved
- 2025-04-16T15:24:37.100Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 68895da7ad5a09ad0091b946
Added to database: 7/29/2025, 11:47:51 PM
Last enriched: 4/3/2026, 6:22:54 AM
Last updated: 5/8/2026, 8:58:28 PM
Views: 160
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.