CVE-2025-43301 is a privacy vulnerability identified in Apple macOS that allows a local application to access contact information associated with notifications displayed in the Notification Center. The root cause is insufficient redaction of sensitive data in system log entries related to notifications, which could inadvertently expose contact details to unauthorized apps. This vulnerability does not allow modification of data or disruption of system services but compromises confidentiality by leaking private contact information. Exploitation requires local access to the system and user interaction, such as running a malicious app that can read notification-related logs. Apple resolved this issue in macOS Sonoma 14.8 and macOS Sequoia 15.7 by enhancing the redaction mechanisms to better protect private data in logs. The CVSS v3.1 score of 3.3 reflects the low impact and limited exploitability, with attack vector local (AV:L), low complexity (AC:L), no privileges required (PR:N), and user interaction required (UI:R). The vulnerability is categorized under CWE-359 (Exposure of Private Information Through Log Files). There are no known exploits in the wild at the time of publication. This vulnerability primarily affects privacy-conscious environments and users who rely on macOS Notification Center for communication and alerts.

For European organizations, the primary impact of CVE-2025-43301 is the potential exposure of private contact information through notification logs to unauthorized local applications. This could lead to privacy violations, especially in sectors handling sensitive personal or client data such as finance, healthcare, and legal services. Although the vulnerability does not allow system compromise or denial of service, the leakage of contact information could facilitate social engineering attacks or targeted phishing campaigns. Organizations with macOS endpoints, particularly those running versions prior to Sonoma 14.8 or Sequoia 15.7, are at risk. The impact is more pronounced in environments where endpoint security controls are lax, or where users may inadvertently install untrusted applications. Given the low severity, the threat is unlikely to cause widespread disruption but should be addressed to maintain compliance with European data protection regulations like GDPR, which mandate safeguarding personal data.

European organizations should prioritize updating all macOS devices to at least macOS Sonoma 14.8 or macOS Sequoia 15.7 to ensure the vulnerability is patched. Beyond patching, organizations should enforce strict application control policies to limit the installation and execution of untrusted or unnecessary applications that could exploit this vulnerability. Implement endpoint detection and response (EDR) solutions capable of monitoring unusual access to notification-related logs or data. Educate users about the risks of installing apps from unverified sources and the importance of maintaining updated systems. Where possible, restrict app permissions related to Notification Center data and logs through macOS privacy settings and Mobile Device Management (MDM) solutions. Regularly audit logs and system configurations to detect any unauthorized access attempts. Finally, incorporate this vulnerability into privacy risk assessments and incident response plans to ensure readiness in case of exploitation.