Description
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.8. A sandboxed process may be able to circumvent sandbox restrictions.
Published: 2025-07-29
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Patch Now
AI Analysis

Impact

A sandboxed process may bypass macOS sandbox restrictions, enabling it to access resources it should be denied. This permissions issue effectively allows an attacker with the ability to run a sandboxed application to elevate privileges and potentially read or modify files, execute unauthorized processes, or otherwise compromise application isolation. The weakness is an instance of insufficient authorization as reflected by CWE-693.

Affected Systems

Apple macOS systems, specifically the Sequoia and Sonoma releases before the specified update levels—Sequoia 15.6 and Sonoma 14.8—are impacted. Any installation of these operating systems lacking the security update that introduces stricter sandbox controls is vulnerable. The issue has not been assigned to a particular pre‑release, so all earlier versions of these OS families remain at risk until patched.

Risk and Exploitability

The CVSS score of 9.1 signifies a critical-severity vulnerability. However, the EPSS score indicates an exploitation probability of less than 1 percent, suggesting that the exploitation window is currently narrow. This vulnerability is not listed in the CISA KEV catalog, and therefore no confirmed exploits are publicly documented. The likely attack vector is through a malicious sandboxed application that can escape its restrictions, implying that local or remote execution of such an app could lead to privilege escalation.

Generated by OpenCVE AI on April 28, 2026 at 00:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to at least Sequoia 15.6 or Sonoma 14.8, which contain the sandbox fix.
  • If an immediate update cannot be applied, enforce application restriction policies such as Gatekeeper or the hardened runtime to limit the ability of sandboxed programs to execute code outside their allowed scope.
  • Enable and review system audit logs for indications of sandbox escape or unauthorized file accesses to detect potential exploitation early.

Advisories
Source: EUVD
ID: EUVD-2025-23086
Title: A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14.8. A sandboxed process may be able to circumvent sandbox restrictions.

History

Tue, 28 Apr 2026 01:15:00 +0000

Type: Title
Values Added: Sandbox Escape Vulnerability in macOS

Thu, 02 Apr 2026 20:30:00 +0000

Type: Description
Values Removed: A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14.8. A sandboxed process may be able to circumvent sandbox restrictions.
Values Added: A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.8. A sandboxed process may be able to circumvent sandbox restrictions.

Type: References

Mon, 03 Nov 2025 20:30:00 +0000

Type: References

Mon, 03 Nov 2025 19:30:00 +0000

Type: References

Mon, 15 Sep 2025 23:30:00 +0000

Type: References

Mon, 15 Sep 2025 22:45:00 +0000

Type: Description
Values Removed: A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions.
Values Added: A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14.8. A sandboxed process may be able to circumvent sandbox restrictions.

Type: References

Thu, 31 Jul 2025 21:30:00 +0000

Type: CPEs
Values Added: cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Thu, 31 Jul 2025 18:15:00 +0000

Type: Weaknesses
Values Added: CWE-693

Type: Metrics
Values Added:
cvssV3_1: {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}
ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 30 Jul 2025 11:15:00 +0000

Type: First Time appeared
Values Added: Apple; Apple macos; Apple macos Sequoia

Type: Vendors & Products
Values Added: Apple; Apple macos; Apple macos Sequoia

Tue, 29 Jul 2025 23:45:00 +0000

Type: Description
Values Added: A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions.

Type: References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:15:17.859Z

Reserved: 2025-04-16T15:24:37.100Z

Link: CVE-2025-43273

Vulnrichment

Updated: 2025-11-03T20:03:51.629Z

NVD

Status: Modified

Published: 2025-07-30T00:15:38.257

Modified: 2026-04-02T19:20:18.307

Link: CVE-2025-43273

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T01:00:10Z
