CVE-2025-43257

Published: Apr 02, 2026 Last Modified: Apr 02, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,7

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: high

Availability: low

Description

AI Translation Available

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.6. An app may be able to break out of its sandbox.

Improper Link Resolution Before File Access ('Link Following')

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Access Control Other

Potential Impacts:

Read Files Or Directories Modify Files Or Directories Bypass Protection Mechanism Execute Unauthorized Code Or Commands

Applicable Platforms

Operating Systems: Windows, Unix

Likelihood of Exploit: Medium

View CWE Details

https://support.apple.com/en-us/124149

CVE-2025-43257

Description

Improper Link Resolution Before File Access ('Link Following')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter