Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Local app execution with standard user privileges is required; no integrity or availability impact - only confidentiality breach via protection mechanism bypass.
Primary rating from Vendor (apple).
CVSS VectorVendor: apple
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
5DescriptionCVE.org
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information.
AnalysisAI
Protection mechanism failure in Apple macOS allows a locally-installed malicious app running with standard user privileges to access private information that should be restricted by OS-level access controls. Affected versions span three active macOS release trains: Sequoia before 15.4, Sonoma before 14.7.5, and Ventura before 13.7.5. No active exploitation has been confirmed (not in CISA KEV), and CISA SSVC rates exploitation likelihood as none with partial technical impact, placing this in a monitored-but-not-urgent priority tier for most organizations.
Technical ContextAI
The vulnerability is classified under CWE-693 (Protection Mechanism Failure), meaning the macOS security boundary intended to prevent untrusted applications from accessing sensitive private data was insufficiently enforced prior to the fix. Apple's description - 'addressed with improved checks' - indicates the flaw resided in a validation or entitlement-enforcement code path rather than a memory safety issue. The affected CPE (cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*) spans all macOS variants below the patched thresholds. The local attack vector (AV:L) and low privilege requirement (PR:L) indicate the exploit path runs within the user session context - a sandboxed or otherwise restricted app was able to read data outside its declared entitlements. The specific private data category (contacts, location, keychain entries, etc.) was not disclosed by Apple, which is consistent with their standard security advisory redaction policy.
RemediationAI
The primary remediation is to apply the vendor-released patches: upgrade to macOS Sequoia 15.4, macOS Sonoma 14.7.5, or macOS Ventura 13.7.5, as documented in Apple's advisories at https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, and https://support.apple.com/en-us/122375. For organizations unable to patch immediately, a compensating control is to enforce MDM or Gatekeeper policies that restrict installation of unsigned or non-App-Store applications, reducing the probability that a malicious app reaches user devices. Note that this workaround raises friction for developers and power users and does not eliminate the vulnerability for apps already installed. Endpoint detection tools capable of flagging anomalous inter-process data access or unexpected privacy API calls (e.g., TCC framework access logging) may provide detection coverage in lieu of patching.
Same weakness CWE-693 – Protection Mechanism Failure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210121
GHSA-h5q6-gghm-9xc3