Impact
This vulnerability arises from an access control flaw that allows a malicious application configured as an HTTPS proxy to capture encrypted traffic and read otherwise confidential user data. This is a CWE-284 (Improper Access Control) defect. By using the proxy capability, the attacker could intercept and view traffic that should remain private, exposing sensitive information such as passwords, authentication tokens, or personal data. The flaw could lead to data theft, credential compromise, and other privacy violations, as the intercepted data may contain highly confidential content.
Affected Systems
Apple macOS is affected, specifically all Sequoia 15, Sonoma 14, and Ventura 13 releases older than the security updates that contain the fix. The patch is available in macOS Sequoia 15.6, macOS Sonoma 14.7.7, and macOS Ventura 13.7.7; systems running earlier builds remain vulnerable.
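A version check for the fixed releases listed above, as an added example that is not part of the original advisory or any Apple tooling. The function name `macos_proxy_fix_status` is hypothetical, and releases outside the 13, 14 and 15 lines are reported as `unknown` because the advisory does not cover them.

```shell
#!/bin/sh
# Added example: classify a macOS product version against the fixed releases
# named in the advisory (Sequoia 15.6, Sonoma 14.7.7, Ventura 13.7.7).

# macos_proxy_fix_status VERSION
# Prints "vulnerable", "patched", or "unknown" (malformed input, or a
# release line the advisory does not mention).
macos_proxy_fix_status() {
    case $1 in
        ''|*[!0-9.]*) echo unknown; return 0 ;;   # reject non-numeric input
    esac

    # Split on dots; missing fields default to 0, so "15.6" reads as 15.6.0.
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    major=${1:-0} minor=${2:-0} patch=${3:-0}

    # First fixed release for each affected release line.
    case $major in
        15) fix_minor=6 fix_patch=0 ;;
        14) fix_minor=7 fix_patch=7 ;;
        13) fix_minor=7 fix_patch=7 ;;
        *)  echo unknown; return 0 ;;
    esac

    if [ "$minor" -lt "$fix_minor" ] ||
       { [ "$minor" -eq "$fix_minor" ] && [ "$patch" -lt "$fix_patch" ]; }; then
        echo vulnerable
    else
        echo patched
    fi
}

# On a Mac, report the status of the running system.
if command -v sw_vers >/dev/null 2>&1; then
    current=$(sw_vers -productVersion)
    echo "macOS $current: $(macos_proxy_fix_status "$current")"
fi
```

The function can also be fed version strings exported from an inventory or MDM system to triage a fleet without running anything on the endpoints.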
Risk and Exploitability
The CVSS score of 9.8 indicates critical severity, but the EPSS score of less than 1% suggests exploitation is currently unlikely. The vulnerability is not listed in CISA’s KEV catalog, indicating it is not a known, actively exploited issue at this time. Based on the description, it is inferred that exploitation requires a local attacker who can install or run a malicious HTTPS proxy application, as no remote attack vector is described. Because the flaw is a local access control defect, the malicious application must execute on the target machine before it can gain the unauthorized data access.