Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app with root privileges may be able to modify the contents of system files.
Published: 2025-03-31
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Integrity compromise of system files through a permissions bug
Action: Apply Update
AI Analysis

Impact

A flaw in macOS's permissions enforcement allows a malicious application running with root privileges to modify system files that should otherwise be protected, potentially compromising operating-system integrity and stability and enabling persistence. The flaw is documented as a permissions issue and is classified under CWE-787 (Out-of-bounds Write), which describes a memory-corruption risk from improperly bounded write operations. By altering protected binaries or configuration files, an attacker could inject malicious code, modify system policy settings, or disable security controls.

Affected Systems

Apple macOS releases before Ventura 13.7.5, Sonoma 14.7.5, and Sequoia 15.4 are affected; the description states that the issue is fixed in those releases. Versions at or beyond those releases are not listed as affected.

Risk and Exploitability

The CVSS score of 6.5 indicates medium severity, while an EPSS score of less than 1% reflects a very low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog, suggesting limited reported use. The attack vector is inferred to be local or to require a privileged user, because the description states that a malicious app with root privileges may modify system files. The risk is therefore confined to systems where untrusted software can be introduced or granted elevated privileges.

Generated by OpenCVE AI on April 28, 2026 at 18:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the macOS update that removes the permission flaw (macOS Sequoia 15.4, Sonoma 14.7.5, or Ventura 13.7.5).
  • Disable or remove applications that are granted root privileges unless they are verified and trusted.
  • Enable Gatekeeper and configure it to allow only apps from the App Store, or from the App Store and identified developers, reducing the chance that untrusted software runs and is granted elevated privileges.

Advisories

Source: EUVD
ID: EUVD-2025-8908
Title: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app with root privileges may be able to modify the contents of system files.

History

Tue, 28 Apr 2026 19:15:00 +0000

Type: Title
Values Added: Root-Privilege System File Modification Vulnerability in macOS

Thu, 02 Apr 2026 20:30:00 +0000

Type: Description
Values Removed: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app with root privileges may be able to modify the contents of system files.
Values Added: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app with root privileges may be able to modify the contents of system files.

Mon, 03 Nov 2025 22:30:00 +0000


Mon, 07 Apr 2025 14:45:00 +0000

Type: First Time appeared
Values Added: Apple; Apple macos

Type: CPEs
Values Added: cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Apple; Apple macos

Tue, 01 Apr 2025 14:15:00 +0000

Type: Metrics
Values Removed:
  cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
  ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}
Values Added:
  cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H'}
  ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 01 Apr 2025 05:15:00 +0000

Type: Weaknesses
Values Added: CWE-787

Type: Metrics
Values Added:
  cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
  ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 31 Mar 2025 22:45:00 +0000

Type: Description
Values Added: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app with root privileges may be able to modify the contents of system files.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:25:11.574Z

Reserved: 2025-03-22T00:04:43.718Z

Link: CVE-2025-30446

Vulnrichment

Updated: 2025-04-01T04:14:30.489Z

NVD

Status: Modified

Published: 2025-03-31T23:15:26.360

Modified: 2026-04-02T19:19:38.400

Link: CVE-2025-30446

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T19:00:20Z

Weaknesses