A permissions issue in macOS allowed a malicious or improperly designed application to modify protected parts of the file system, compromising system integrity and potentially enabling further escalation of privileges. The vulnerability is a classic example of improper access control and falls under the CWE-284 category. Once an application can write to these protected locations, it can alter system files or configuration, undermining confidentiality and availability of the operating system. The impact is limited to the local user context that runs the application, but if the application is privileged, the consequences expand to the entire system.

Apple macOS platforms were affected, including macOS Sequoia prior to version 15.7.5, macOS Sonoma prior to 14.8.5, and macOS Tahoe prior to 26.4. Users on these versions are susceptible to the described file system modification risk.

The CVSS base score of 5.5 indicates moderate severity, and the EPSS score of less than 1% suggests low likelihood of exploitation in the wild. The vulnerability was mitigated by removing the vulnerable code, and it is not listed in CISA's KEV catalog. Exploitation would require the attacker to run or trick a user into running a malicious application with the appropriate file system access; therefore, local environmental conditions and user behavior influence the risk. No publicly available remote exploitation path was documented, implying that the attack surface is primarily local.