Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.4. An app may be able to gain root privileges.
Published: 2026-05-11
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A permissions flaw in macOS allows a malicious application that is already running on the device to gain root privileges, giving it full control of the system. Apple's description says only that the issue was "addressed with additional restrictions"; it does not say which permission check was too permissive. Until the patch is applied, an app that exploits it elevates to root, so the impact is a full loss of confidentiality, integrity, and availability on the affected device.

Affected Systems

Apple's macOS platform is affected, specifically the Sequoia (15.x), Sonoma (14.x), and Tahoe (26.x) release lines. The issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.4, so earlier builds of those three lines should be treated as unpatched. The description does not mention any other macOS version.

Risk and Exploitability

The EPSS score is < 1% and the issue is not listed in the CISA KEV catalog, but the vulnerability inherently allows an attacker to execute actions as root. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, score 7.8) describes a local attack of low complexity that needs only the privileges of an already-running app and no user interaction, with high impact on confidentiality, integrity, and availability; the SSVC assessment records no known exploitation, rates the flaw as not automatable, and rates the technical impact as total. The likely attack vector is therefore a malicious or compromised application on the machine, which abuses the overly permissive check to become root; no network access is required. Because the published description does not say which permission check was weakened, the exact primitive is not described on this page. No public exploits were reported in the provided data.

Generated by OpenCVE AI on May 12, 2026 at 17:30 UTC.

Remediation

Apple addressed the issue with additional restrictions in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.4. No workaround is listed.

OpenCVE Recommended Actions

  • Upgrade macOS to at least Sequoia 15.7.7, Sonoma 14.8.7, or Tahoe 26.4, each of which includes the tightened permission checks.
  • Reboot the system after applying the update to ensure the new security policies take effect.
  • Monitor for privilege‑escalation attempts, for example unexpected root processes spawned by user applications. The page gives no detection signature for this specific flaw, so such monitoring only indicates residual or future exploitation attempts in general.
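The following script is an added example, not OpenCVE's or Apple's own tooling: it encodes the three fixed versions from the description above, keyed by release line, and compares them against the version reported by `sw_vers -productVersion`. It assumes, as the page states, that only the Sequoia, Sonoma, and Tahoe lines received the fix; any other release line is reported as unknown rather than guessed at.

```shell
#!/bin/sh
# Check whether a macOS productVersion string has the fix for CVE-2026-28840.
# Fixed versions are taken from the advisory text: 15.7.7, 14.8.7 and 26.4.

# Return 0 when $1 >= $2, 1 otherwise. Both are dotted numeric versions;
# ".0.0.0" is appended so every input has at least four fields for cut.
version_ge() {
    v1="$1.0.0.0"
    v2="$2.0.0.0"
    i=1
    while [ "$i" -le 4 ]; do
        a=$(printf '%s' "$v1" | cut -d. -f"$i")
        b=$(printf '%s' "$v2" | cut -d. -f"$i")
        if [ "$a" -gt "$b" ]; then return 0; fi
        if [ "$a" -lt "$b" ]; then return 1; fi
        i=$((i + 1))
    done
    return 0
}

# Print the first fixed version for the release line of $1, or fail when the
# advisory lists no fix for that line (e.g. Ventura 13.x is not mentioned).
fixed_version_for() {
    case "$1" in
        15.*) printf '%s\n' 15.7.7 ;;   # macOS Sequoia
        14.*) printf '%s\n' 14.8.7 ;;   # macOS Sonoma
        26.*) printf '%s\n' 26.4 ;;     # macOS Tahoe
        *) return 1 ;;
    esac
}

# Print "patched", "vulnerable" or "unknown" for the productVersion in $1
# and return 0, 1 or 2 respectively, so the result is usable in scripts.
cve_2026_28840_status() {
    fixed=$(fixed_version_for "$1") || { echo unknown; return 2; }
    if version_ge "$1" "$fixed"; then
        echo patched
        return 0
    fi
    echo vulnerable
    return 1
}

# When run on a Mac, report on the running system; elsewhere do nothing so
# the functions can be sourced or tested without sw_vers being present.
if command -v sw_vers >/dev/null 2>&1; then
    cve_2026_28840_status "$(sw_vers -productVersion)"
fi
```

The comparison is done field by field rather than with `sort -V`, which is not guaranteed on macOS's BSD `sort`; a missing field counts as 0, so `26.4` and `26.4.0` compare equal and `14.8` is correctly below `14.8.7`. Call `cve_2026_28840_status 15.7.6` directly to check a version string collected from a fleet inventory.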


Advisories

No advisories yet.

History

Tue, 12 May 2026 18:00:00 +0000

Type Values Removed Values Added
Title macOS Privilege Escalation via Permissions Flaw

Tue, 12 May 2026 16:45:00 +0000

Type Values Removed Values Added
Title Privilege Escalation via macOS Permissions Issue
Weaknesses CWE-284

Tue, 12 May 2026 16:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Tue, 12 May 2026 14:15:00 +0000

Type: Metrics
Values Added:
  cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
  ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 11 May 2026 22:00:00 +0000

Type: Title
Values Added: Privilege Escalation via macOS Permissions Issue
Type: First Time appeared
Values Added: Apple, Apple macos
Type: Weaknesses
Values Added: CWE-269, CWE-284
Type: Vendors & Products
Values Added: Apple, Apple macos

Mon, 11 May 2026 20:45:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.4. An app may be able to gain root privileges.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-05-13T03:57:47.712Z

Reserved: 2026-03-03T16:36:03.969Z

Link: CVE-2026-28840

Vulnrichment

Updated: 2026-05-12T13:31:58.447Z

NVD

Status : Analyzed

Published: 2026-05-11T21:18:51.307

Modified: 2026-05-12T15:46:08.190

Link: CVE-2026-28840

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T17:45:20Z

Weaknesses