Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.
Published: 2026-03-25
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

The vulnerability allows an application to modify protected areas of the filesystem. By exercising elevated write permissions, an attacker could tamper with system files or alter application data, potentially compromising data integrity and system stability. The weakness arises from incorrect assignment of filesystem permissions, enabling unauthorized modification of critical resources.

Affected Systems

Apple macOS versions prior to the patches mentioned in the advisory are affected. The fixed releases are macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4. All earlier builds may still be vulnerable, with the vulnerability manifesting on any user or application capable of writing to protected filesystem components.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, and the EPSS score of less than 1% suggests low current exploitation probability. The issue is not included in the CISA KEV catalog, further implying limited known exploitation. Exploitation would require local execution of a malicious or compromised application that can bypass the permission checks, and the attack vector is inferred to be local or user‑level.

Generated by OpenCVE AI on March 25, 2026 at 21:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to at least Sequoia 15.7.5, Sonoma 14.8.5, or Tahoe 26.4 to apply the vendor repair.

Generated by OpenCVE AI on March 25, 2026 at 21:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title Permitted Modification of Protected Filesystem Parts via Incorrect Permissions

Wed, 25 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 25 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-732
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 25 Mar 2026 01:00:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:25:55.304Z

Reserved: 2026-03-03T16:36:03.968Z

Link: CVE-2026-28829

cve-icon Vulnrichment

Updated: 2026-03-25T16:10:52.753Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-25T01:17:08.093

Modified: 2026-03-25T20:01:33.450

Link: CVE-2026-28829

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T21:48:10Z

Weaknesses