Description
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to break out of its sandbox.
Published: 2025-09-15
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation / Sandbox Escape
Action: Update OS
AI Analysis

Impact

The vulnerability is a permissions defect that allows a malicious application to escape the system sandbox on Apple operating systems. An app that would normally be confined may access or modify resources it should not, including data belonging to other applications or system services. This could lead to data compromise, unauthorized actions, or the installation of further malicious software.

Affected Systems

iPhone OS (iOS), iPadOS, macOS, tvOS, and watchOS are all affected. The flaw is fixed in release 26 of each platform (iOS 26, iPadOS 26, macOS Tahoe 26, tvOS 26, watchOS 26). Any device running a pre-26 version is susceptible until it is updated.

Risk and Exploitability

The CVSS score of 8.8 classifies the issue as high severity. The EPSS score is below 1%, indicating a very low likelihood of exploitation in the wild, and the flaw is not listed in CISA's KEV catalog. Attacks would require a malicious app that the user installs or that gains execution privileges on the device; the vector is therefore an app-installation or local execution scenario. Once the flaw is exploited, the attacker can gain unauthorized access to additional system resources or other apps' data by escaping the sandbox.

Generated by OpenCVE AI on April 27, 2026 at 23:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to iOS 26, iPadOS 26, macOS Tahoe 26, tvOS 26, or watchOS 26 to receive the patch that adds the missing permission checks
  • If updating is not immediately possible, uninstall or delete any unknown or suspicious applications that could exploit the bypass
  • Configure device settings to limit app privileges and enable automatic app updates so that future fixes are applied promptly

Advisories
Source | ID | Title
EUVD | EUVD-2025-29286 | A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26, tvOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to break out of its sandbox.
History

Tue, 28 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
Title
  Values Added: Sandbox Escape through Permission Bypass on Apple Platforms

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description
  Values Removed: A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 26, iOS 26 and iPadOS 26, watchOS 26. An app may be able to break out of its sandbox.
  Values Added: A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to break out of its sandbox.
References

Tue, 04 Nov 2025 02:30:00 +0000

Type Values Removed Values Added
References

Tue, 04 Nov 2025 01:45:00 +0000

Type Values Removed Values Added
Description
  Values Removed: A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26, tvOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to break out of its sandbox.
  Values Added: A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 26, iOS 26 and iPadOS 26, watchOS 26. An app may be able to break out of its sandbox.

Mon, 03 Nov 2025 19:30:00 +0000


Wed, 17 Sep 2025 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple iphone Os
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple iphone Os

Wed, 17 Sep 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios
Apple ipados
Apple macos
Apple tvos
Apple watchos
Vendors & Products Apple
Apple ios
Apple ipados
Apple macos
Apple tvos
Apple watchos

Tue, 16 Sep 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Sep 2025 15:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-862
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


Mon, 15 Sep 2025 22:45:00 +0000

Type Values Removed Values Added
Description
  Values Added: A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26, tvOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to break out of its sandbox.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:23:55.422Z

Reserved: 2025-04-16T15:24:37.109Z

Link: CVE-2025-43329

Vulnrichment

Updated: 2025-11-03T18:11:24.566Z

NVD

Status: Modified

Published: 2025-09-15T23:15:35.620

Modified: 2026-04-02T19:20:27.110

Link: CVE-2025-43329

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T00:00:18Z

Weaknesses