Description
A file access issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox.
Published: 2025-03-31
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Potential sandbox escape via file access issue
Action: Patch Now
AI Analysis

Impact

A file access issue has been identified that potentially allows an application to break out of its sandbox. The vulnerability is a result of insufficient input validation controls.

Affected Systems

Apple macOS is affected. The issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. Systems running earlier releases of these operating systems are therefore potentially impacted.

Risk and Exploitability

The CVSS score of 8.4 indicates a high severity impact. The EPSS score is less than 1%, suggesting a low likelihood of immediate exploitation, and it is not currently listed in the CISA KEV catalog. Based on the description, this vulnerability could allow an application to escape its sandbox, potentially granting unauthorized access to system resources.

Generated by OpenCVE AI on April 28, 2026 at 11:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade your macOS to Sequoia 15.4, or Sonoma 14.7.5, or Ventura 13.7.5, or any newer release that includes the patch.
  • If you develop or maintain an application that may be affected, review its file access handling and consider stricter sandbox restrictions.
  • If an immediate update is not possible, consider limiting the application’s file access by adjusting its permissions in System Settings → Security & Privacy → Full Disk Access.

Generated by OpenCVE AI on April 28, 2026 at 11:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-8948 A file access issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.
History

Tue, 28 Apr 2026 12:00:00 +0000

Type Values Removed Values Added
Title macOS Sandbox Escape via Improper File Access Validation

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A file access issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox. A file access issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox.

Mon, 03 Nov 2025 22:30:00 +0000

Type Values Removed Values Added
References

Mon, 07 Apr 2025 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos

Tue, 01 Apr 2025 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 31 Mar 2025 22:45:00 +0000

Type Values Removed Values Added
Description A file access issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:24:13.595Z

Reserved: 2025-01-17T00:00:45.013Z

Link: CVE-2025-24255

cve-icon Vulnrichment

Updated: 2025-11-03T21:11:13.331Z

cve-icon NVD

Status : Modified

Published: 2025-03-31T23:15:22.477

Modified: 2026-04-02T19:19:28.383

Link: CVE-2025-24255

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T11:45:30Z

Weaknesses