CVE-2025-46310Improper Privilege Management in Apple Macos

CWE-269Improper Privilege Management6 documents5 sources
Severity
6.0MEDIUMNVD
EPSS
0.0%
top 99.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Macos
Timeline
PublishedFeb 11
Latest updateFeb 12

Description

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. An attacker with root privileges may be able to delete protected system files.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HExploitability: 0.8 | Impact: 5.2

Affected Packages2 packages

CVEListV5apple/macos< 14.8.4+1
NVDapple/macos14.014.8.4+1

🔴Vulnerability Details

2
GHSA
GHSA-pr6p-6x97-5c59: This issue was addressed through improved state management2026-02-12
CVEList
CVE-2025-46310: This issue was addressed through improved state management2026-02-11

📋Vendor Advisories

2
Apple
CVE-2025-46310: macOS Sonoma 14.8.42026-02-11
Apple
CVE-2025-46310: macOS Sequoia 15.7.42026-02-11

🕵️Threat Intelligence

1
Wiz
CVE-2025-46310 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-46310 — Improper Privilege Management in Apple | cvebase