This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to create symlinks to protected regions of the disk.
The issue results from insufficient symlink validation (CWE-59 — Improper Link Resolution Before File Access). A malicious application could create symbolic links pointing to disk areas protected by the system. Apple eliminated the vulnerability by strengthening the symlink verification mechanism.
An attacker, using a malicious application installed on the victim's device, can gain unauthorized access to protected system files or directories, which may lead to disclosure of sensitive data, modification of system files, or system destabilization.
The system should be updated to macOS Sequoia 15.4, macOS Sonoma 14.7.5, or macOS Ventura 13.7.5. Details are available in Apple's guidance: https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, https://support.apple.com/en-us/122375.
Apple macOS Sequoia versions prior to 15.4, macOS Sonoma versions prior to 14.7.5, macOS Ventura versions prior to 13.7.5.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApple macOS
OSApple< 13.7.514.0 – 14.7.5 (bez)15.0 – 15.4 (bez)
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach
Apple — memory corruption (RCE) w przetwarzaniu strumieni audio
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki