CVE-2026-28825: An app may be able to modify protected parts of the file system in Apple macOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-28825) is caused by an out-of-bounds write condition in macOS, which was addressed by improved bounds checking. Exploitation could enable an application to modify protected file system areas, potentially impacting system integrity and availability. The issue affects multiple macOS versions prior to the specified patched releases. The CVSS v3.1 base score is 7.1, reflecting network attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, no confidentiality impact, limited integrity impact, and high availability impact.
Potential Impact
An attacker who successfully exploits this vulnerability could modify protected parts of the macOS file system, potentially leading to system instability or denial of service. There is no indication of confidentiality compromise. No known exploits are currently reported in the wild.
Mitigation Recommendations
Apple has released official patches addressing this vulnerability in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4. Users and administrators should apply these updates promptly to remediate the issue. Patch status is confirmed by the vendor advisory stating the issue is fixed in these versions.
CVE-2026-28825: An app may be able to modify protected parts of the file system in Apple macOS
Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-28825) is caused by an out-of-bounds write condition in macOS, which was addressed by improved bounds checking. Exploitation could enable an application to modify protected file system areas, potentially impacting system integrity and availability. The issue affects multiple macOS versions prior to the specified patched releases. The CVSS v3.1 base score is 7.1, reflecting network attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, no confidentiality impact, limited integrity impact, and high availability impact.
Potential Impact
An attacker who successfully exploits this vulnerability could modify protected parts of the macOS file system, potentially leading to system instability or denial of service. There is no indication of confidentiality compromise. No known exploits are currently reported in the wild.
Mitigation Recommendations
Apple has released official patches addressing this vulnerability in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4. Users and administrators should apply these updates promptly to remediate the issue. Patch status is confirmed by the vendor advisory stating the issue is fixed in these versions.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2026-03-03T16:36:03.968Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 69c333dcf4197a8e3baaea7e
Added to database: 3/25/2026, 1:01:16 AM
Last enriched: 5/1/2026, 8:34:09 PM
Last updated: 5/6/2026, 8:20:09 PM
Views: 26
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.