Primary

Context

Apple QuickTime Player Sandbox Bypass Vulnerability Allowing Unauthorized File Access

Vulnerability

Patched

A vulnerability exists in QuickTime Player on macOS Sonoma 14.7.2, macOS Sequoia 15.2, and macOS Ventura 13.7.2, allowing applications to read and write files outside of their designated sandbox. This issue arises from insufficient entitlement checks, which could enable unauthorized access to user data.

Impact

Exploitation of this vulnerability could lead to unauthorized access and modification of files, bypassing the application's sandbox restrictions.

Remediation

Users can update to macOS Sonoma 14.7.2, macOS Sequoia 15.2, or macOS Ventura 13.7.2 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

5.0

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

5.0

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple QuickTime Player Sandbox Bypass Vulnerability Allowing Unauthorized File Access

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Sonoma

Apple macOS Sequoia

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating