The host is installed with Apple Mac OS 14 before 14.3 or Apple Mac OS 12 before 12.7.4 or Apple Mac OS 13 before 13.6.5 and is prone to a timing side-channel vulnerability. A flaw is present in the application, which fails to properly handle issues in constant-time computation in cryptographic functions. On successful exploitation, an attacker may be able to decrypt legacy rsa pkcs#1 v1.5 ciphertexts without having the private key.