Description
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.
Published: 2025-12-12
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized access to protected user data in macOS
Action: Patch Now
AI Analysis

Impact

A logic issue in macOS’s file handling, fixed in Sequoia 15.7.3, Sonoma 14.8.3 and Tahoe 26.2, potentially allows an application to read protected user data that it should not be able to access. The flaw arises from how the system validates file permissions, leading to an authorization bypass consistent with CWE‑285. An attacker who can run code in a sandboxed or normal user context could exploit this weakness to view or copy sensitive files belonging to other users. The impact is loss of confidentiality of protected user data, with no evidence of denial of service or execution of arbitrary code.

Affected Systems

Apple macOS versions prior to Sequoia 15.7.3, Sonoma 14.8.3 and Tahoe 26.2 are affected. The flaw in file handling logic could allow apps to read protected files that they should not access. Systems running newer releases are considered patched.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate impact. The EPSS score is below 1%, indicating very low exploitation probability. The vulnerability is not listed in the CISA KEV catalog. Success likely requires the attacker to run a malicious or compromised application within the user’s environment. Since the issue is an authorization bypass, the likely attack vector is local or via a user‑initiated application rather than over the network. The risk remains moderate with low real‑world exploitation likelihood.

Generated by OpenCVE AI on April 27, 2026 at 22:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to the latest available release that includes the fix (Sequoia 15.7.3, Sonoma 14.8.3, Tahoe 26.2).
  • Ensure Gatekeeper is enabled and restrict installation of apps from untrusted developers.
  • If an immediate update is not possible, perform a security audit of running applications, enforce least‑privilege file system permissions, and consider disabling the affected file‑handling feature if a remediation is available.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 23:00:00 +0000

Type: Title
Values Added: Logic Issue Enables Unauthorized Access to Protected User Data in macOS

Thu, 02 Apr 2026 20:30:00 +0000

Type: Description
Values Removed: A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to access protected user data.
Values Added: A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.

Thu, 18 Dec 2025 15:15:00 +0000

Type: CPEs
Values Added: cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 17 Dec 2025 21:15:00 +0000

Type: Weaknesses
Values Added: CWE-285

Type: Metrics
Values Added:
cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}
ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 17 Dec 2025 21:00:00 +0000

Type: Description
Values Removed: A logic issue was addressed with improved file handling. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access protected user data.
Values Added: A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to access protected user data.

Type: References

Sun, 14 Dec 2025 21:30:00 +0000

Type: First Time appeared
Values Added: Apple; Apple macos; Apple macos Sequoia; Apple macos Sonoma

Type: Vendors & Products
Values Added: Apple; Apple macos; Apple macos Sequoia; Apple macos Sonoma

Fri, 12 Dec 2025 21:15:00 +0000

Type: Description
Values Added: A logic issue was addressed with improved file handling. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access protected user data.

Type: References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:15:42.960Z

Reserved: 2025-04-22T21:13:49.959Z

Link: CVE-2025-46289

Vulnrichment

Updated: 2025-12-17T20:30:59.171Z

NVD

Status: Modified

Published: 2025-12-12T21:15:58.057

Modified: 2026-04-02T19:21:04.187

Link: CVE-2025-46289

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-27T22:45:15Z

Weaknesses