CVE-2025-46310
Privilege Escalation in macOS Allows Deletion of Protected Files
Publication date: 2026-02-11
Last updated on: 2026-02-13
Assigner: Apple Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | macos | From 15.0 (inc) to 15.7.4 (exc) |
| apple | macos | From 14.0 (inc) to 14.8.4 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows an attacker who already has root privileges on a macOS system to delete protected system files due to improper state management.
How can this vulnerability impact me?
If exploited, this vulnerability could allow an attacker with root access to delete critical system files, potentially leading to system instability, data loss, or denial of service.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your system to macOS Sequoia 15.7.4 or macOS Sonoma 14.8.4 where the issue has been fixed.
Ensure that only trusted users have root privileges to prevent potential exploitation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know