Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. A malicious app may be able to gain root privileges.
Published: 2025-11-04
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation (root)
Action: Patch
AI Analysis

Impact

A permissions flaw in macOS allows a malicious application to obtain root privileges by bypassing additional restrictions. The vulnerability is classified as a privilege escalation weakness (CWE‑863) and can lead to full system compromise. Once root access is gained, an attacker can alter system files, install software, or exfiltrate data without detection.

Affected Systems

Apple macOS is affected, specifically all releases prior to macOS Sequoia 15.7.2 and macOS Tahoe 26.1. Users running earlier versions of these operating systems are at risk.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, but the EPSS score of less than 1% shows very low public exploitation probability at this time. The vulnerability is not listed in the CISA KEV catalog, suggesting it has not been widely abused yet. The likely attack vector is a local privilege escalation triggered by a malicious application that can be installed on the device, after which controlled exploitation can lead to system‐wide compromise.

Generated by OpenCVE AI on April 27, 2026 at 23:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest macOS update (Sequoia 15.7.2 or Tahoe 26.1) to patch the privilege escalation flaw.
  • If updating is not immediately possible, restrict installation of applications to only those that are Apple‑certified or signed with a known developer identity.
  • Enable or enforce System Integrity Protection and monitor for abnormal process activity that may indicate an attempted escalation attempt.

Generated by OpenCVE AI on April 27, 2026 at 23:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 23:30:00 +0000

Type Values Removed Values Added
Title Privilege Escalation via Permission Issue in macOS

Wed, 17 Dec 2025 21:00:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2. A malicious app may be able to gain root privileges. A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. A malicious app may be able to gain root privileges.
References

Tue, 04 Nov 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple macos Sequoia
Vendors & Products Apple macos Sequoia

Tue, 04 Nov 2025 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos

Tue, 04 Nov 2025 13:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-863
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 04 Nov 2025 01:45:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2. A malicious app may be able to gain root privileges.
References

Subscriptions

Apple Macos Macos Sequoia
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:24:15.660Z

Reserved: 2025-04-16T15:24:37.117Z

Link: CVE-2025-43387

cve-icon Vulnrichment

Updated: 2025-11-04T12:57:32.335Z

cve-icon NVD

Status : Modified

Published: 2025-11-04T02:15:45.700

Modified: 2025-12-17T21:15:57.567

Link: CVE-2025-43387

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-27T23:15:06Z

Weaknesses