Description
The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.
Published: 2025-03-31
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

An application can exploit improper validation of environment variables, allowing it to modify protected areas of the file system. This flaw provides local privilege escalation because the attacker can write or replace files in system directories typically restricted to elevated users. The weakness is a classic input validation failure (CWE‑20). The impact is that the attacker can gain increased capabilities by altering critical system files, potentially compromising system integrity and stability. Overall, the vulnerability can be used to step beyond the application’s intended permissions and affect system security.

Affected Systems

Apple macOS, specifically macOS Sequoia versions older than 15.4, which lack the patched validation logic. Any system running those releases is susceptible.

Risk and Exploitability

The CVSS score of 5.5 suggests moderate severity, while the EPSS of less than 1% indicates a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector requires a malicious or compromised application running with user privileges, which then injects crafted environment variables. Once the unsafe environment is in place, the application can perform file system modifications that would normally be restricted.

Generated by OpenCVE AI on April 28, 2026 at 03:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade your Mac to macOS Sequoia 15.4 or later to receive the fixed input validation.
  • As a temporary precaution, restrict execution of untrusted applications that may inject environment variables, or remove unnecessary environment variables from system or user profiles.
  • Monitor system logs for unexpected modifications in protected directories and investigate promptly.

Generated by OpenCVE AI on April 28, 2026 at 03:18 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-9010 The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.
History

Tue, 28 Apr 2026 03:45:00 +0000

Type Values Removed Values Added
Title Privilege Escalation via Environment Variable Injection on macOS

Mon, 03 Nov 2025 21:30:00 +0000

Type Values Removed Values Added
References

Fri, 04 Apr 2025 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos

Thu, 03 Apr 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 31 Mar 2025 22:45:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:09:02.729Z

Reserved: 2025-01-17T00:00:44.997Z

Link: CVE-2025-24191

cve-icon Vulnrichment

Updated: 2025-11-03T21:06:59.730Z

cve-icon NVD

Status : Modified

Published: 2025-03-31T23:15:17.470

Modified: 2025-11-03T21:19:32.030

Link: CVE-2025-24191

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T03:30:19Z

Weaknesses