Description
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges.
Published: 2025-07-29
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

This vulnerability arises from improper state management in macOS, allowing a local application to acquire root privileges. The weakness is a classic privilege escalation flaw, identified as CWE‑269. The CVSS score of 7.8 indicates high severity, meaning that any successful exploitation would grant an attacker full system control.

Affected Systems

Apple macOS installations running versions earlier than Sequoia 15.6 or Sonoma 14.7.7 are vulnerable. The patch introduces improved state handling that prevents the escalation path. Users should assess whether their current macOS version precedes the specified fixes.

Risk and Exploitability

The EPSS score of less than 1% suggests that, as of the latest data, the likelihood of this exploit being actively used is very low and the vulnerability is not recorded in the CISA KEV catalog. However, the nature of the flaw still grants unrestricted system access; the attack vector is inferred to be local, requiring the attacker to run a malicious or compromised application on the affected machine. Given the high criticality of root access, organizations should not wait for external exploitation reports before applying the fix.

Generated by OpenCVE AI on April 28, 2026 at 00:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to macOS Sequoia 15.6 or macOS Sonoma 14.7.7 to deploy the state‑management fix.
  • If an update cannot be applied immediately, restrict the use of the vulnerable application by disabling it or running it within a sandboxed environment to limit privilege escalation.
  • Continuously monitor system logs for indications of privileged process launches and consider strengthening system integrity controls such as full disk encryption and context‑aware access policies.

Generated by OpenCVE AI on April 28, 2026 at 00:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-23111 This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges.
History

Tue, 28 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Title Privilege Escalation via Improper State Management in macOS

Mon, 03 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Thu, 31 Jul 2025 21:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Thu, 31 Jul 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 30 Jul 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma
Vendors & Products Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma

Tue, 29 Jul 2025 23:45:00 +0000

Type Values Removed Values Added
Description This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges.
References

Subscriptions

Apple Macos Macos Sequoia Macos Sonoma
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:24:25.070Z

Reserved: 2025-04-16T15:24:37.096Z

Link: CVE-2025-43256

cve-icon Vulnrichment

Updated: 2025-11-03T20:03:20.388Z

cve-icon NVD

Status : Modified

Published: 2025-07-30T00:15:37.373

Modified: 2025-11-03T20:18:58.083

Link: CVE-2025-43256

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T01:00:10Z

Weaknesses