Description
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to gain root privileges.
Published: 2026-02-11
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Root Privilege Escalation
Action: Patch Now
AI Analysis

Impact

A path handling flaw in macOS allows an application to bypass normal path validation, potentially enabling the app to gain root privileges. This vulnerability aligns with CWE-22, a path traversal weakness. If an attacker can exploit it, the threat is that the attacker may obtain full system control, compromising the device's security.

Affected Systems

Apple's macOS operating systems, specifically versions prior to macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, and macOS Tahoe 26.3, are affected. The issue has been fixed in the mentioned patched releases.

Risk and Exploitability

The CVSS score of 7.8 indicates significant severity, while the EPSS score of less than 1% suggests a low likelihood of exploitation at present. The vulnerability is not listed in the CISA KEV catalog, implying no widespread exploitation has been reported. The likely attack vector is local privilege escalation through a malicious or compromised application that can leverage the path handling flaw to gain root privileges. Formal patching remains the most reliable mitigation.

Generated by OpenCVE AI on April 15, 2026 at 20:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the operating system to macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, or macOS Tahoe 26.3, whichever applies to your environment.
  • If an OS upgrade cannot be performed immediately, limit the use of applications that handle file paths in ways that may trigger the flaw, or run them with the least privilege necessary.
  • Apply strict file system permissions and monitor for unauthorized attempts to read or modify critical system directories.

Generated by OpenCVE AI on April 15, 2026 at 20:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 15 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
Title Root Privilege Escalation via Path Handling in macOS

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to gain root privileges. A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to gain root privileges.

Wed, 25 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 13 Feb 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-22
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Thu, 12 Feb 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 11 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Description A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to gain root privileges.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:19:39.839Z

Reserved: 2025-11-11T14:43:07.858Z

Link: CVE-2026-20614

cve-icon Vulnrichment

Updated: 2026-02-25T17:49:08.776Z

cve-icon NVD

Status : Modified

Published: 2026-02-11T23:16:04.957

Modified: 2026-04-02T19:21:10.153

Link: CVE-2026-20614

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-15T21:00:09Z

Weaknesses