CVE-2025-46289
published 2025-12-12

Priority: P2 · 79 · medium · 5.5 (CVSS 3.1)
Vector: AV:L AC:L PR:N UI:R S:U C:H I:N A:N
ITW: VulnCheck KEV (Exploited in the wild)
EPSS: 0.19% (9.2th percentile)

A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.

Affected

8 ranges
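| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | < 14.8.3 | 14.8.3 |
| apple | macos | < 15.7.3 | 15.7.3 |
| apple | macos | < 26.2 | 26.2 |
| apple | macos | >= 14.0 < 14.8.3 | 14.8.3 |
| apple | macos | >= 15.0 < 15.7.3 | 15.7.3 |
| apple | macos_sequoia | | |
| apple | macos_sonoma | | |
| apple | macos_tahoe | | |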

Detection & IOCs (extracted from sources)

  • Vulnerability resides in the AppSandbox component on macOS; monitor for sandboxed apps accessing protected user data directories outside their entitlements
  • A logic issue in file handling is the root cause; look for anomalous file open/read syscalls from sandboxed processes targeting protected paths (e.g., ~/Library, contacts, photos, location data)
  • Affected macOS versions: Sequoia < 15.7.3, Sonoma < 14.8.3, Tahoe < 26.2; unpatched hosts are candidates for exploitation of this AppSandbox bypass
  • No technical details, PoC, or exploitation indicators have been publicly disclosed; all detection guidance is based solely on the advisory description
  • The flaw is limited to the AppSandbox component; only sandboxed macOS applications are relevant attack vectors; non-sandboxed apps are not affected by this specific bypass

CVSS provenance

nvd: v3.1, 5.5 MEDIUM, CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
vulncheck: 5.5 MEDIUM