Impact
A permission flaw in macOS allows an application to initiate unexpected system termination, essentially forcefully shutting down the operating system without the normal orderly shutdown process. Such a crash can lead to data loss and corruption while disabling normal service availability. The vulnerability stems from a permissions issue that lets an application trigger this destructive action.
Affected Systems
Apple macOS releases below Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5 are impacted. The vulnerability is resolved in those patched versions and later releases that include the same update.
Risk and Exploitability
The EPSS score is < 1%, indicating a very low probability of exploitation. The CVSS score is 5.5, suggesting moderate severity. The vulnerability is not listed in the CISA KEV catalog, indicating that no widespread exploits have been reported. The likely attack vector is local, as the description indicates that an application capable of triggering the shutdown is required. If such an application were exposed to remote users or network services, the risk could expand to remote exploitation. Organizations should consider the risk impactful until the patch is applied.
OpenCVE Enrichment