A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.
The bug lies in improper configuration of permissions to system resources, allowing an application to gain write access to file system areas that should be protected from modification by unprivileged code. Apple resolved the issue by introducing additional permission restrictions. The network vector (AV:N) with no privilege requirements (PR:N) and user interaction (UI:N) indicates a potentially broad attack surface.
An attacker can use a malicious application to modify protected fragments of the macOS file system, which may lead to system integrity violation, privilege escalation, or persistent device infection.
The system should be updated to macOS Sequoia 15.6, macOS Sonoma 14.7.7, or macOS Ventura 13.7.7. Details available in Apple bulletins: https://support.apple.com/en-us/124149, https://support.apple.com/en-us/124150, https://support.apple.com/en-us/124151
Apple macOS Sequoia before version 15.6, macOS Sonoma before version 14.7.7, macOS Ventura before version 13.7.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApple macOS
OSApple< 13.7.714.0 – 14.7.7 (bez)15.0 – 15.6 (bez)
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach
Apple — memory corruption (RCE) w przetwarzaniu strumieni audio
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki