Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
Published: 2026-06-11
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A permission flaw in macOS allows an application to initiate unexpected system termination, essentially forcefully shutting down the operating system without the normal orderly shutdown process. Such a crash can lead to data loss and corruption while disabling normal service availability. The vulnerability stems from a permissions issue that lets an application trigger this destructive action.

Affected Systems

Apple macOS releases below Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5 are impacted. The vulnerability is resolved in those patched versions and later releases that include the same update.

Risk and Exploitability

The EPSS score is < 1%, indicating a very low probability of exploitation. The CVSS score is 5.5, suggesting moderate severity. The vulnerability is not listed in the CISA KEV catalog, indicating that no widespread exploits have been reported. The likely attack vector is local, as the description indicates that an application capable of triggering the shutdown is required. If such an application were exposed to remote users or network services, the risk could expand to remote exploitation. Organizations should consider the risk impactful until the patch is applied.

Generated by OpenCVE AI on June 13, 2026 at 01:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update each affected macOS installation to at least Sequoia 15.4, Sonoma 14.7.5, or Ventura 13.7.5, or to any later version that contains the fix.
  • If an upgrade cannot be performed immediately, identify applications that can invoke system termination and either disable or restrict them until the patch is applied.
  • Enable macOS security mechanisms such as App Sandbox or System Integrity Protection to limit the ability of applications to execute privileged termination commands when unnecessary.
  • Implement monitoring for unexpected shutdown events or abnormal termination attempts in system logs to detect potential exploitation early.

Generated by OpenCVE AI on June 13, 2026 at 01:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 15 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Sat, 13 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Title Permission Issue Allowing Unexpected System Termination in macOS
Weaknesses CWE-250

Fri, 12 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 12 Jun 2026 00:45:00 +0000

Type Values Removed Values Added
Title Permission Issue Allowing Unexpected System Termination in macOS
Weaknesses CWE-250
CWE-284

Thu, 11 Jun 2026 23:00:00 +0000

Type Values Removed Values Added
Title Unrestricted Permission Enables Unexpected System Termination on macOS
Weaknesses CWE-264
CWE-732

Thu, 11 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
Title Unrestricted Permission Enables Unexpected System Termination on macOS
Weaknesses CWE-264
CWE-732

Thu, 11 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Thu, 11 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-06-12T21:24:55.140Z

Reserved: 2025-01-17T00:00:44.988Z

Link: CVE-2025-24165

cve-icon Vulnrichment

Updated: 2026-06-12T21:24:51.022Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-11T19:16:26.260

Modified: 2026-06-15T14:26:16.880

Link: CVE-2025-24165

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-13T01:30:17Z

Weaknesses