Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to launch any installed app.
Published: 2025-07-29
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation via Arbitrary App Launch
Action: Immediate Patch
AI Analysis

Impact

A sandboxed process can bypass macOS permissions and launch any installed application, effectively giving an attacker the ability to execute arbitrary code within the context of the launched app. The vulnerability stems from an improper authorization flaw (CWE-274) that allows a process confined by a sandbox to perform operations it should not be able to, leading to potential compromise of system integrity and confidentiality.

Affected Systems

MacOS for all versions before macOS Sequoia 15.6 are affected. The issue is fixed in macOS Sequoia 15.6 and later releases. Users running earlier releases are at risk.

Risk and Exploitability

The CVSS score of 6.2 indicates a medium severity flaw. The EPSS score of less than 1% suggests exploitation is currently rare, and the vulnerability is not listed in CISA’s KEV catalog. The likely attack vector is a sandboxed process, potentially legitimate or malicious, that can be leveraged to launch arbitrary applications. The lack of widely-deployed zero‑day exploits combined with the low EPSS score mitigates urgency, but the impact of being able to run any app warrants prompt attention.

Generated by OpenCVE AI on April 28, 2026 at 00:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install macOS 15.6 or later to apply the vendor fix.
  • Restrict sandboxed processes by configuring sandbox profiles so that only approved executables can be spawned.
  • Enforce Gatekeeper or MDM rules to require signed applications, preventing non‑trusted binaries from execution.

Generated by OpenCVE AI on April 28, 2026 at 00:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-23099 A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to launch any installed app.
History

Tue, 28 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Title Sandbox Process Can Arbitrarily Launch Apps on macOS

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Thu, 31 Jul 2025 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos

Thu, 31 Jul 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-274
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 29 Jul 2025 23:45:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to launch any installed app.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:11:19.683Z

Reserved: 2025-03-27T16:13:58.344Z

Link: CVE-2025-31275

cve-icon Vulnrichment

Updated: 2025-11-03T19:52:43.963Z

cve-icon NVD

Status : Modified

Published: 2025-07-30T00:15:30.617

Modified: 2025-11-03T20:18:24.503

Link: CVE-2025-31275

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T01:00:10Z

Weaknesses