Primary

Context

Apple macOS Symlink Validation Vulnerability Allowing Access to Protected User Data

Vulnerability

Patched

A vulnerability exists in the handling of symbolic links in Apple macOS Sonoma 14.8.2 and macOS Sequoia 15.7.2. This vulnerability allows applications to potentially access protected user data. The issue arises from inadequate validation of symlinks, which could be exploited to bypass data access restrictions.

Impact

Exploitation of this vulnerability could lead to unauthorized access to protected user data by applications.

Added: Nov 4, 2025, 3:11 AM

Updated: Nov 4, 2025, 3:11 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple macOS Symlink Validation Vulnerability Allowing Access to Protected User Data

Vulnerability

Impact

Affected Products

Apple macOS Sonoma

Apple macOS Sequoia

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating