Description
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. An attacker with root privileges may be able to delete protected system files.
Published: 2026-02-11
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Delete protected system files with root privileges
Action: Apply Patch
AI Analysis

Impact

The vulnerability is a state‑management flaw that allows an attacker who already has root privileges to delete protected system files, potentially compromising the integrity of the operating system.

Affected Systems

The flaw affects macOS operating systems prior to the release of Sequoia 15.7.4 and Sonoma 14.8.4; any installation that has not been updated to these versions is considered vulnerable.

Risk and Exploitability

The CVSS score of 6 indicates moderate severity, and the EPSS score of less than 1% shows a very low probability of exploitation. The vulnerability is not listed in CISA’s KEV catalog, and it requires local root access; thus the attack vector is limited to environments where an attacker can already obtain or holds root privileges.

Generated by OpenCVE AI on April 27, 2026 at 21:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest macOS update that includes the fix – update to Sequoia 15.7.4 or Sonoma 14.8.4.
  • Avoid running everyday tasks with root privileges; use standard user accounts and apply the principle of least privilege.
  • If a system update cannot be performed, limit filesystem write permissions and enable or enforce File System Integrity Protection to restrict deletion of protected files.

Generated by OpenCVE AI on April 27, 2026 at 21:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Title Root Privilege File Deletion Vulnerability in macOS

Fri, 13 Feb 2026 16:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Fri, 13 Feb 2026 00:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 12 Feb 2026 17:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269
Metrics cvssV3_1

{'score': 6.0, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H'}

Thu, 12 Feb 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 11 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Description This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. An attacker with root privileges may be able to delete protected system files.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:23:41.930Z

Reserved: 2025-04-22T21:13:49.961Z

Link: CVE-2025-46310

cve-icon Vulnrichment

Updated: 2026-02-12T16:01:36.667Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-11T23:16:03.120

Modified: 2026-02-13T15:47:47.473

Link: CVE-2025-46310

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-27T21:15:05Z

Weaknesses