Description
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.
Published: 2025-03-31
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Modification of Protected Filesystem
Action: Apply Patch
AI Analysis

Impact

A library injection vulnerability in macOS allows an application to load malicious libraries, potentially modifying protected areas of the file system. This flaw represents a data exposure weakness, classified as CWE-200, and could lead to unintended changes in critical system files or to data integrity issues, depending on the attacker’s goals.

Affected Systems

Apple macOS versions prior to Sequoia 15.4 are affected. The fix was released in macOS Sequoia 15.4, so any installation of macOS Sequoia 15.0 through 15.3 remains vulnerable.

Risk and Exploitability

The CVSS score of 5.5 indicates a medium severity vulnerability, while an EPSS score of less than 1% shows a low probability of exploitation at present. The vulnerability is not listed in CISA’s KEV catalog. The most likely attack vector involves a malicious or compromised application that injects an unauthorized library into a privileged process; the attacker would need local execution or control over an approved app to exploit the weakness.

Generated by OpenCVE AI on April 28, 2026 at 03:19 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the operating system to macOS Sequoia 15.4 or later to receive the vendor’s patch
  • Keep Gatekeeper and System Integrity Protection enabled to restrict the loading of non‑system libraries
  • Monitor system logs for unexpected dynamic library loads and investigate any anomalies

Advisories
Source: EUVD
ID: EUVD-2025-8923
Title: A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.

History

Tue, 28 Apr 2026 03:45:00 +0000

Type: Title
Values Added: macOS Library Injection Could Modify Protected Files

Mon, 03 Nov 2025 22:30:00 +0000

Type: References

Fri, 04 Apr 2025 19:45:00 +0000

Type: First Time appeared
Values Added: Apple; Apple macos

Type: CPEs
Values Added: cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Apple; Apple macos

Thu, 03 Apr 2025 14:15:00 +0000

Type: Weaknesses
Values Added: CWE-200

Type: Metrics
Values Added:
cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N'}
ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 31 Mar 2025 22:45:00 +0000

Type: Description
Values Added: A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.

Type: References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:08:28.508Z

Reserved: 2025-01-17T00:00:45.020Z

Link: CVE-2025-24282

Vulnrichment

Updated: 2025-11-03T21:12:34.700Z

NVD

Status: Modified

Published: 2025-03-31T23:15:24.577

Modified: 2025-11-03T22:18:40.020

Link: CVE-2025-24282

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T03:30:19Z

Weaknesses