This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/122373 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/122374 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/122375 | Release Notes Vendor Advisory |
| http://seclists.org/fulldisclosure/2025/Apr/10 | |
| http://seclists.org/fulldisclosure/2025/Apr/8 | |
| http://seclists.org/fulldisclosure/2025/Apr/9 |
Configurations
Configuration 1 (hide)
|
History
03 Nov 2025, 22:18
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
04 Apr 2025, 18:14
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | |
| First Time |
Apple
Apple macos |
|
| Summary |
|
|
| References | () https://support.apple.com/en-us/122373 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/122374 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/122375 - Release Notes, Vendor Advisory |
01 Apr 2025, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| CWE | CWE-284 |
31 Mar 2025, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-31 23:15
Updated : 2025-11-03 22:18
NVD link : CVE-2025-31187
Mitre link : CVE-2025-31187
CVE.ORG link : CVE-2025-31187
JSON object : View
Products Affected
apple
- macos
CWE
CWE-284
Improper Access Control