Primary

Context

Apple macOS Symlink Validation Vulnerability Allowing Access to Protected User Data

Vulnerability

Patched

A vulnerability exists in both macOS Sonoma 14.8.2 and macOS Sequoia 15.7.2, where an application may access protected user data due to improper handling of symbolic links. This issue has been addressed with improved validation of symlinks.

Impact

Exploitation of this vulnerability could allow an application to access sensitive user data that is normally protected.

Added: Nov 4, 2025, 3:10 AM

Updated: Nov 4, 2025, 3:10 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple macOS Symlink Validation Vulnerability Allowing Access to Protected User Data

Vulnerability

Impact

Affected Products

Apple macOS Sonoma

Apple macOS Sequoia

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating