CVE-2025-43198: 
macOS vulnerability analysis and mitigation

CVE-2025-43198 is a security vulnerability affecting macOS systems that was discovered and disclosed on July 29, 2025. The vulnerability affects macOS Sequoia (versions up to 15.6) and macOS Sonoma (versions up to 14.7.7), where an application may be able to access protected user data (Apple Support, NVD).

The vulnerability is classified with a CVSS v3.1 Base Score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The issue is related to improper access control (CWE-284) and was addressed by Apple by removing the vulnerable code in the Dock component (NVD).

When exploited, this vulnerability allows a malicious application to access protected user data, potentially compromising sensitive information stored on the affected macOS systems (Apple Support).

Apple has released security updates to address this vulnerability in macOS Sequoia 15.6 and macOS Sonoma 14.7.7. Users are advised to update their systems to these versions or later to mitigate the risk (Apple Support, Apple Support).

The vulnerability was discovered and reported by security researcher Mickey Jin (@patch1t), demonstrating ongoing security research efforts in identifying macOS vulnerabilities (Apple Support).