Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.
Published: 2026-03-25
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized modification of protected filesystem parts
Action: Apply update
AI Analysis

Impact

The vulnerability is an out‑of‑bounds write that allows a local application to overwrite protected sections of the filesystem, bypassing the intended bounds checks. Because the affected component can alter critical files or directories, it can compromise system integrity. The flaw is identified as CWE‑787, a buffer overwrite weakness.

Affected Systems

Apple macOS releases prior to the fixed versions are affected. The issue exists in macOS Sequoia, Sonoma, and Tahoe, versions older than 15.7.5, 14.8.5, and 26.4 respectively. Systems running these older versions may be vulnerable.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, while an EPSS score below 1% points to a low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector requires a local application with privileges sufficient to trigger the out‑of‑bounds write; it is not a purely remote flaw.

Generated by OpenCVE AI on March 25, 2026 at 21:43 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the macOS update that includes the fix—Sequoia 15.7.5, Sonoma 14.8.5, or Tahoe 26.4, depending on your version.
  • If an update cannot be applied immediately, limit the installation of applications that could trigger the flaw and monitor for unexpected file changes.
  • After updating, run system integrity checks to confirm no unauthorized modifications have occurred.

Generated by OpenCVE AI on March 25, 2026 at 21:43 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 23 Apr 2026 19:30:00 +0000

Type Values Removed Values Added
References

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title Out-of-Bounds Write Permits Modification of Protected Filesystem Areas in macOS

Wed, 25 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 25 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 25 Mar 2026 01:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-23T18:17:00.916Z

Reserved: 2026-03-03T16:36:03.968Z

Link: CVE-2026-28825

cve-icon Vulnrichment

Updated: 2026-04-23T18:17:00.916Z

cve-icon NVD

Status : Modified

Published: 2026-03-25T01:17:07.690

Modified: 2026-04-23T19:17:23.750

Link: CVE-2026-28825

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T21:48:06Z

Weaknesses