CVE-2025-43187

Arbitrary Code Execution via hdiutil Command

Description

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Running an hdiutil command may unexpectedly execute arbitrary code.

INFO

Published Date :

2025-08-29T00:28:52.591Z

Last Modified :

2026-04-02T18:25:09.110Z

Source :

apple

AFFECTED PRODUCTS

The following products are affected by CVE-2025-43187 vulnerability.

Vendors	Products
Apple	Macos Macos Sequoia Macos Sonoma Macos Ventura

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-43187.

URL	Resource
http://seclists.org/fulldisclosure/2025/Jul/32
http://seclists.org/fulldisclosure/2025/Jul/33
http://seclists.org/fulldisclosure/2025/Jul/34
https://support.apple.com/en-us/124149
https://support.apple.com/en-us/124150
https://support.apple.com/en-us/124151

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact