{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-31258", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-03-27T16:13:58.337Z", "datePublished": "2025-05-12T21:42:14.699Z", "dateUpdated": "2026-04-02T18:07:08.842Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to break out of its sandbox"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "15.5", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox."}], "references": [{"url": "https://support.apple.com/en-us/122716"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:07:08.842Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-31258", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-14T04:01:00.969756Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T18:28:40.410Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/May/7"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:52:34.353Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/May/7"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:52:34.353Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-31258", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-14T04:01:00.969756Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-13T17:34:32.705Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.5", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/122716"}], "descriptions": [{"lang": "en", "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to break out of its sandbox"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-05-12T21:42:14.699Z"}}}, "cveMetadata": {"cveId": "CVE-2025-31258", "state": "PUBLISHED", "dateUpdated": "2026-02-26T18:28:40.410Z", "dateReserved": "2025-03-27T16:13:58.337Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-05-12T21:42:14.699Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF1B4AB8-2B51-4EED-BD29-C500C83FAB10", "versionEndExcluding": "15.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox."}, {"lang": "es", "value": "Este problema se solucion\u00f3 eliminando el c\u00f3digo vulnerable. Este problema est\u00e1 corregido en macOS Sequoia 15.5. Una aplicaci\u00f3n podr\u00eda escapar de su entorno de pruebas."}], "id": "CVE-2025-31258", "lastModified": "2025-11-03T20:18:23.873", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-05-12T22:15:25.557", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122716"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/May/7"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T11:29:31.352644+00:00", "value": {"mitigation_remediation": ["Update macOS to Sequoia 15.5 or later.", "If a full update cannot be applied immediately, restrict installation of unverified or unknown applications and avoid running unfamiliar binaries.", "Continuously monitor system logs and process activity for signs of privilege escalation or anomalous behavior."], "summary": {"action": "Apply Update", "impact": "Privilege Escalation via Sandbox Escape"}, "threat_synthesis": {"affected_systems": "Apple macOS installations before the release of Sequoia 15.5 are affected. The vulnerability was fixed in macOS Sequoia 15.5, so any version older than that may still be vulnerable unless a later update is applied.", "description_and_impact": "A flaw in macOS allowed an application to escape its sandbox, granting access to resources normally restricted by the operating system. The vulnerability was mitigated by eliminating the vulnerable code path. Because the sandbox is designed to confine apps, breaching it lets a malicious or compromised app potentially read or modify system files, access sensitive data, or execute additional code with higher privileges.", "risk_and_exploitability": "The CVSS score of 6.5 indicates moderate severity, but the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in CISA\u2019s KEV catalog. Exploitation would likely require a malicious app to be executed on the target machine; the attacker would then leverage the sandbox breach to elevate privileges. As the flaw resides in the operating system, it is not limited to a particular application and could affect any trusted or compromised app running under the sandbox."}}}}, "created": "2026-04-28T11:30:29.837408+00:00", "title": "macOS Sandbox Escape Vulnerability", "updated": "2026-04-28T11:30:29.837418+00:00", "vendors": []}