A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. "Block All Remote Content" may not apply for all mail previews.
The issue results from incorrect permission configuration (CWE-276) in the Mail application's sandbox mechanism. When a user enables the "Block All Remote Content" option, intended to block loading of external resources (e.g., tracking images) when previewing messages, this restriction is not consistently applied in all preview display cases. Apple resolved the issue by introducing additional sandbox restrictions.
An attacker sending a crafted email message can bypass the remote content blocking setting, which may result in disclosure of the recipient's IP address, tracking of user activity, and potential exposure of data confidentiality. Depending on the loaded content, further attacks on system integrity and availability are possible.
The system must be updated to the following versions: macOS Sequoia 15.4, macOS Sonoma 14.7.5, or macOS Ventura 13.7.5. Updates are available through the macOS Software Update mechanism and at the addresses provided in the vendor's references (support.apple.com).
Apple macOS Sequoia versions prior to 15.4, Apple macOS Sonoma versions prior to 14.7.5, Apple macOS Ventura versions prior to 13.7.5.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApple macOS
OSApple< 13.7.514.0 – 14.7.5 (bez)15.0 – 15.4 (bez)
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach
Apple — memory corruption (RCE) w przetwarzaniu strumieni audio
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki