Description
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox.
Published: 2026-06-11
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an application to escape its sandbox confinement, enabling it to execute unauthorized operations that could compromise system integrity or confidentiality. By exploiting incorrect enforcement of sandbox boundaries, a malicious or compromised app can gain elevated privileges beyond its intended limits, potentially accessing protected files, altering system settings, or running code that bypasses security restrictions. This weakness stems from improper authorization and access control within the sandbox framework.

Affected Systems

Apple macOS is affected, specifically all releases prior to macOS Sequoia 15.4. The flaw is mitigated in the Sequoia 15.4 update, which introduces stricter checks against unauthorized actions.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity vulnerability, while the EPSS score is not available. The flaw is not listed in the CISA KEV catalog, suggesting limited known exploitation to date. Nonetheless, the ability to break out of a sandbox carries significant risk because it permits privilege escalation on the host system. Likely exploitation would involve a crafted or malicious application running locally on the target machine. Even without documented exploits, organizations running legacy macOS versions should treat this as a potentially high‑impact concern and plan for timely remediation.

Generated by OpenCVE AI on June 12, 2026 at 00:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade macOS to Sequoia 15.4 or later.
  • Review and restrict sandbox entitlements for deployed applications to the minimum necessary.
  • When an upgrade cannot be performed immediately, employ application whitelisting or additional containment controls to limit the reach of any compromised app.



Advisories

No advisories yet.

References
History

Fri, 12 Jun 2026 00:45:00 +0000

Type Values Removed Values Added
Title Sandbox Escape Vulnerability in Apple macOS Prior to Sequoia 15.4

Thu, 11 Jun 2026 23:00:00 +0000

Type Values Removed Values Added
Title macOS Sandbox Escape Vulnerability Allowing Unauthorized Application Actions
Weaknesses CWE-284
CWE-285

Thu, 11 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
Title macOS Sandbox Escape Vulnerability Allowing Unauthorized Application Actions
Weaknesses CWE-284
CWE-285

Thu, 11 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Thu, 11 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-693
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 11 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-06-11T19:04:59.681Z

Reserved: 2025-01-17T00:00:45.020Z

Link: CVE-2025-24284

Vulnrichment

Updated: 2026-06-11T19:04:39.790Z

NVD

Status: Undergoing Analysis

Published: 2026-06-11T19:16:27.253

Modified: 2026-06-11T20:51:53.840

Link: CVE-2025-24284

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-12T00:30:07Z

Weaknesses
  • CWE-693

    Protection Mechanism Failure