CVE-2025-43530

Name of the Vulnerable Software and Affected Versions macOS versions prior to 26.2 macOS Sonoma versions prior to 14.8.3 macOS Sequoia versions prior to 15.7.3 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3

Description The issue involves a Trust Consent and Control (TCC) bypass in macOS, iOS, and iPadOS. An application may be able to access sensitive user data without explicit user permission. The flaw abuses trust in Apple-signed accessibility components, specifically VoiceOver and ScreenReader, along with a Time-of-Check-to-Time-of-Use (TOCTOU) weakness. This allows for silent execution of AppleScript/AppleEvents, potentially granting unauthorized access to files, microphone data, and camera data. The vulnerability resides within the ScreenReader.framework and involves bypassing TCC through manipulation of file-path-based checks and potential code injection into Apple-signed binaries. The issue was addressed with improved checks and entitlement validation via audit token.

Recommendations Update to macOS version 26.2 or later. Update to macOS Sonoma version 14.8.3 or later. Update to macOS Sequoia version 15.7.3 or later. Update to iOS version 18.7.3 or later. Update to iPadOS version 18.7.3 or later.