Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Local vector confirmed; user must run the app (UI:R); no elevated privileges needed; impact is purely availability via system crash.
Primary rating from Vendor (apple).
CVSS VectorVendor: apple
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
5DescriptionCVE.org
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
AnalysisAI
Improper access control in Apple macOS allows a locally-executed app to cause unexpected system termination, effectively producing a denial-of-service condition against the host. All three actively-supported macOS release lines - Sequoia, Sonoma, and Ventura - are confirmed affected, with fixes delivered simultaneously across all three branches. No active exploitation is confirmed (not in CISA KEV), and the EPSS score of 0.01% at the 3rd percentile indicates negligible observed exploitation probability at time of analysis.
Technical ContextAI
The vulnerability is rooted in CWE-284 (Improper Access Control), meaning the macOS permission enforcement model fails to adequately restrict a sandboxed or unprivileged application from invoking operations that can terminate the operating system. The affected product, per CPE cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*, spans all macOS variants prior to the respective fixed releases. The 'Authentication Bypass' tag in the intelligence data, combined with CWE-284, suggests the flaw allows an app to circumvent entitlement or permission checks that normally gate access to system-critical interfaces - the specific subsystem (kernel extension, XPC service, or system call gate) is not publicly disclosed by Apple, consistent with their standard minimal-disclosure advisory practice.
RemediationAI
The primary fix is to upgrade to macOS Sequoia 15.4, macOS Sonoma 14.7.5, or macOS Ventura 13.7.5, as confirmed by Apple's security advisories at https://support.apple.com/en-us/122373 (Sequoia), https://support.apple.com/en-us/122374 (Sonoma), and https://support.apple.com/en-us/122375 (Ventura). If immediate patching is not feasible, a compensating control is to restrict installation and execution of unsigned or unnotarized applications via macOS Gatekeeper and System Preferences > Privacy & Security, which limits the attack surface to apps that have passed Apple notarization - note this does not eliminate risk from malicious signed apps but significantly raises the barrier. Organizations using MDM (Mobile Device Management) solutions can enforce application allowlisting to restrict which apps users can execute, directly limiting exploitation opportunity.
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210113
GHSA-m7r8-cwwx-vr4p