Description
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.
Published: 2025-05-12
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation via Sandbox Escape
Action: Apply Update
AI Analysis

Impact

A flaw in macOS allowed an application to escape its sandbox, granting access to resources normally restricted by the operating system. The vulnerability was mitigated by eliminating the vulnerable code path. Because the sandbox is designed to confine apps, breaching it lets a malicious or compromised app potentially read or modify system files, access sensitive data, or execute additional code with higher privileges.

Affected Systems

Apple macOS installations before the release of Sequoia 15.5 are affected. The vulnerability was fixed in macOS Sequoia 15.5, so any version older than that may still be vulnerable unless a later update is applied.

Risk and Exploitability

The CVSS score of 6.5 indicates moderate severity, but the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in CISA’s KEV catalog. Exploitation would likely require a malicious app to be executed on the target machine; the attacker would then leverage the sandbox breach to elevate privileges. As the flaw resides in the operating system, it is not limited to a particular application and could affect any trusted or compromised app running under the sandbox.

Generated by OpenCVE AI on April 28, 2026 at 11:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to Sequoia 15.5 or later.
  • If a full update cannot be applied immediately, restrict installation of unverified or unknown applications and avoid running unfamiliar binaries.
  • Continuously monitor system logs and process activity for signs of privilege escalation or anomalous behavior.

Generated by OpenCVE AI on April 28, 2026 at 11:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-14502 This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.
History

Tue, 28 Apr 2026 11:45:00 +0000

Type Values Removed Values Added
Title macOS Sandbox Escape Vulnerability

Fri, 27 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Tue, 27 May 2025 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos

Tue, 13 May 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 12 May 2025 21:45:00 +0000

Type Values Removed Values Added
Description This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:07:08.842Z

Reserved: 2025-03-27T16:13:58.337Z

Link: CVE-2025-31258

cve-icon Vulnrichment

Updated: 2025-11-03T19:52:34.353Z

cve-icon NVD

Status : Modified

Published: 2025-05-12T22:15:25.557

Modified: 2025-11-03T20:18:23.873

Link: CVE-2025-31258

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T11:30:29Z

Weaknesses