A flaw in macOS allows a third‑party app to modify protected file system areas that it should not be able to access. The vulnerability arises from insufficient checks on file system manipulation and could enable an attacker to alter system configuration files, overwrite critical binaries, or otherwise compromise system integrity. The weakness falls under the Information Exposure category, indicating that sensitive system files could be exposed or altered beyond intended boundaries.

The issue affects Apple macOS releases prior to macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5. Any macOS installation that has not yet been updated to those versions retains the vulnerability. The affected platform encompasses all standard desktop and laptop macOS devices that run the mentioned operating systems.

The CVSS score of 5.5 classifies the flaw as a moderate risk. The EPSS score of less than 1% indicates an extremely low probability of exploitation in the wild. The vulnerability is not included in CISA’s KEV catalog, further suggesting limited known exploitation activity. The likely attack vector is local; an attacker must run an application with sufficient privileges on the target machine. Remote exploitation is not supported by the description, so the risk is largely confined to machines that already run untrusted or compromised applications.