Description
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
Published: 2025-07-29
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Elevated Privileges from Sandbox Escape
Action: Apply Patch
AI Analysis

Impact

This vulnerability permits a local application to escape its sandbox and execute arbitrary code with elevated privileges due to improper state management. The flaw enables the app to bypass sandbox restrictions, thereby risking unauthorized code execution and potential exploitation of system resources.

Affected Systems

Apple macOS systems prior to macOS Sequoia 15.3, macOS Sonoma 14.7.7, and macOS Ventura 13.7.7 are affected. The defect is fixed in those releases, and any earlier macOS versions without the update remain vulnerable.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, while an EPSS score of < 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in CISA KEV. Based on the description, the attack vector appears to be local, exploiting an application that can be run by a user or privileged process; the path to privilege escalation is clear once the unpatched system runs the vulnerable app.

Generated by OpenCVE AI on April 28, 2026 at 00:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to macOS Sequoia 15.3, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, or later releases that include the state‑management fix.
  • Enforce Gatekeeper to allow only signed applications, reducing the chance that unverified code can be executed.
  • Monitor system logs for sandbox violation events as an early indicator of potential exploitation attempts.

Generated by OpenCVE AI on April 28, 2026 at 00:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-23121 This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
History

Tue, 28 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Title macOS Sandbox Escape Allowing Privilege Escalation

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Thu, 31 Jul 2025 21:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 30 Jul 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

 cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 30 Jul 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 30 Jul 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma
Apple macos Ventura
Vendors & Products Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma
Apple macos Ventura

Tue, 29 Jul 2025 23:45:00 +0000

Type Values Removed Values Added
Description This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
References

Subscriptions

Apple Macos Macos Sequoia Macos Sonoma Macos Ventura
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:13:55.795Z

Reserved: 2025-01-17T00:00:44.970Z

Link: CVE-2025-24119

cve-icon Vulnrichment

Updated: 2025-11-03T19:43:16.303Z

cve-icon NVD

Status : Modified

Published: 2025-07-30T00:15:29.710

Modified: 2026-04-02T19:19:02.470

Link: CVE-2025-24119

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T01:00:10Z

Weaknesses