CVE-2025-31244 — Protection Mechanism Failure in Apple Macos

CWE-693 — Protection Mechanism Failure3 documents3 sources

Severity

8.8HIGHNVD

EPSS

0.1%

top 77.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Apple Macos Sequoia

Timeline

PublishedMay 12

Latest updateMay 13

Description

A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages2 packages

▶Appleapple/macos_sequoia15.5

▶NVDapple/macos< 15.5

🔴Vulnerability Details

GHSA

GHSA-v8vh-f89p-82w5: A file quarantine bypass was addressed with additional checks↗2025-05-13

▶

📋Vendor Advisories

Apple

CVE-2025-31244: macOS Sequoia 15.5↗2025-05-12

▶