Description
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A sandboxed app may be able to access sensitive user data.
Published: 2025-05-12
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Confidential data disclosure by sandboxed applications
Action: Immediate Update
AI Analysis

Impact

A logic flaw in macOS allows a sandboxed application to read sensitive user data that the sandbox policy should deny it. The weakness is an improper access-control check, classified as CWE-284, and could expose personal documents, emails, or other private information. This vulnerability does not provide remote code execution or system compromise: the app remains confined to its sandbox, but the missing check lets it disclose data it was never authorized to read.

Affected Systems

Apple macOS is affected in versions that do not incorporate the patch: macOS Sequoia prior to 15.5, macOS Sonoma prior to 14.7.6, and macOS Ventura prior to 13.7.6. All earlier releases lacking the updated checks remain vulnerable.

Risk and Exploitability

The CVSS score of 7.1 reflects a moderate to high risk when a malicious sandboxed app is present. The EPSS score of less than 1% indicates that exploitation is unlikely but not impossible, and the vulnerability is not yet listed in CISA's KEV catalog. Exploitation would likely occur locally, or through a trusted application distributed to the system, and the attacker would gain access only to the data this flaw exposes to the sandboxed app, not control of the system.

Generated by OpenCVE AI on April 28, 2026 at 01:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade macOS to Sequoia 15.5 or later, Sonoma 14.7.6 or later, or Ventura 13.7.6 or later, the releases in which the improved logic checks were added.
  • Ensure all future macOS updates are automatically installed to receive the latest vulnerability fixes.
  • If an immediate OS upgrade is infeasible, restrict the installation of new sandboxed applications by reviewing their permissions and, if possible, use application control policies to block or quarantine apps that request excessive data access.



Advisories
Source: EUVD
ID: EUVD-2025-14626
Title: A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A sandboxed app may be able to access sensitive user data.
History

Tue, 28 Apr 2026 02:15:00 +0000

Type: Title
Values added: Sandbox Escape Allowing Sensitive Data Access

Thu, 02 Apr 2026 20:30:00 +0000

Type: Description
Values removed: A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A sandboxed app may be able to access sensitive user data.
Values added: A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A sandboxed app may be able to access sensitive user data.

Mon, 03 Nov 2025 20:30:00 +0000


Tue, 27 May 2025 21:45:00 +0000

Type: First Time appeared
Values added: Apple; Apple macos

Type: CPEs
Values added: cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values added: Apple; Apple macos

Tue, 13 May 2025 20:15:00 +0000

Type: Weaknesses
Values added: CWE-284

Type: Metrics
Values added:

cvssV3_1
{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N'}

ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 12 May 2025 21:45:00 +0000

Type: Description
Values added: A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A sandboxed app may be able to access sensitive user data.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:15:27.974Z

Reserved: 2025-03-27T16:13:58.323Z

Link: CVE-2025-31232

Vulnrichment

Updated: 2025-11-03T19:50:45.351Z

NVD

Status: Modified

Published: 2025-05-12T22:15:23.580

Modified: 2026-04-02T19:19:51.823

Link: CVE-2025-31232

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T02:00:15Z

Weaknesses