Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Requires a locally running app with normal user privileges to invoke the vulnerable API, so AV:L and PR:L; confidentiality-only impact on user data.
Primary rating from Vendor (apple).
CVSS VectorVendor: apple
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
5DescriptionCVE.org
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.
AnalysisAI
Unauthorized access to protected user data is possible in Apple macOS prior to Tahoe 26.1, where a locally installed application can bypass system permission boundaries (CWE-284) to read data normally gated by TCC/entitlement controls. Apple has shipped a fix that adds additional restrictions, and no public exploit has been identified at time of analysis. The NVD CVSS vector advertises network exploitability, but the description clearly describes a local application abuse path, which materially changes the realistic risk picture.
Technical ContextAI
The flaw sits in macOS's access control layer, the subsystem responsible for enforcing per-app entitlements, sandbox profiles, and TCC (Transparency, Consent, and Control) approvals over sensitive resources such as Contacts, Calendars, Photos, Documents, and other protected directories. CWE-284 (Improper Access Control) indicates the operating system did not adequately verify whether the requesting app was authorized for the resource it was reaching, allowing an installed app to obtain data it should have been blocked from. The affected CPE (cpe:2.3:a:apple:macos) covers macOS broadly with the fix landing in the Tahoe 26.1 release train, consistent with the EUVD-listed affected range of macOS <26.1.
RemediationAI
Vendor-released patch: macOS Tahoe 26.1 - update affected Macs to this build via Software Update or MDM (Apple advisory: https://support.apple.com/en-us/125634). For endpoints that cannot immediately move to Tahoe 26.1, restrict installation of untrusted applications by enforcing Gatekeeper, notarization checks, and an allow-listing MDM policy (Jamf, Kandji, Intune), and audit TCC permission grants to remove broad Full Disk Access or Files-and-Folders consents from non-essential apps; the trade-off is increased helpdesk friction and potential breakage of legitimate apps that rely on those permissions. There is no documented configuration-only workaround that closes the underlying access-control gap, so patching is the only durable fix.
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210117
GHSA-cgh9-r68j-5q63