Primary

Context

Apple LaunchServices Path Handling Vulnerability Allowing Sandbox Bypass

Vulnerability

Patched

A path handling vulnerability in the LaunchServices component of macOS Ventura, Sequoia, and Sonoma was addressed with improved validation. This issue allowed applications to read files outside of their designated sandbox, potentially leading to unauthorized access to user data.

Impact

Exploitation of this vulnerability could result in unauthorized access to files and sensitive information, bypassing the application's sandbox restrictions.

Remediation

Users can update to macOS Ventura 13.7.3, macOS Sequoia 15.3, or macOS Sonoma 14.7.3 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple LaunchServices Path Handling Vulnerability Allowing Sandbox Bypass

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Ventura

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating