CVE-2026-28829
Medium
Low
Medium
High
Critical
5.5
CVSS Score
Vulnerability Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Attack Vector
L
Attack Complexity
L
Privileges Required
N
User Interaction
R
Scope
U
Confidentiality
N
Integrity
H
Availability
N
Known Affected Software
40 configuration(s) from 1 vendor(s)
macos
Version:
15.4
CPE:
cpe:2.3:o:apple:macos:15.4:*:*:*:*:*:*:*
macos
Version:
14.3
CPE:
cpe:2.3:o:apple:macos:14.3:*:*:*:*:*:*:*
macos
Version:
14.4
CPE:
cpe:2.3:o:apple:macos:14.4:*:*:*:*:*:*:*
macos
Version:
15.0
CPE:
cpe:2.3:o:apple:macos:15.0:*:*:*:*:*:*:*
macos
Version:
15.6
CPE:
cpe:2.3:o:apple:macos:15.6:*:*:*:*:*:*:*
macos
Version:
14.7.6
CPE:
cpe:2.3:o:apple:macos:14.7.6:*:*:*:*:*:*:*
macos
Version:
14.4.1
CPE:
cpe:2.3:o:apple:macos:14.4.1:*:*:*:*:*:*:*
macos
Version:
14.7.3
CPE:
cpe:2.3:o:apple:macos:14.7.3:*:*:*:*:*:*:*
macos
Version:
14.1
CPE:
cpe:2.3:o:apple:macos:14.1:*:*:*:*:*:*:*
macos
Version:
15.1.1
CPE:
cpe:2.3:o:apple:macos:15.1.1:*:*:*:*:*:*:*
macos
Version:
14.1.1
CPE:
cpe:2.3:o:apple:macos:14.1.1:*:*:*:*:*:*:*
macos
Version:
14.7.2
CPE:
cpe:2.3:o:apple:macos:14.7.2:*:*:*:*:*:*:*
macos
Version:
14.2.1
CPE:
cpe:2.3:o:apple:macos:14.2.1:*:*:*:*:*:*:*
macos
Version:
14.7.8
CPE:
cpe:2.3:o:apple:macos:14.7.8:*:*:*:*:*:*:*
macos
Version:
15.5
CPE:
cpe:2.3:o:apple:macos:15.5:*:*:*:*:*:*:*
macos
Version:
15.7
CPE:
cpe:2.3:o:apple:macos:15.7:*:*:*:*:*:*:*
macos
Version:
14.8.1
CPE:
cpe:2.3:o:apple:macos:14.8.1:*:*:*:*:*:*:*
macos
Version:
15.3.2
CPE:
cpe:2.3:o:apple:macos:15.3.2:*:*:*:*:*:*:*
macos
Version:
14.6
CPE:
cpe:2.3:o:apple:macos:14.6:*:*:*:*:*:*:*
macos
Version:
14.8
CPE:
cpe:2.3:o:apple:macos:14.8:*:*:*:*:*:*:*
macos
Version:
15.6.1
CPE:
cpe:2.3:o:apple:macos:15.6.1:*:*:*:*:*:*:*
macos
Version:
26.0.0
CPE:
cpe:2.3:o:apple:macos:26.0.0:*:*:*:*:*:*:*
macos
Version:
14.8.2
CPE:
cpe:2.3:o:apple:macos:14.8.2:*:*:*:*:*:*:*
macos
Version:
14.7.5
CPE:
cpe:2.3:o:apple:macos:14.7.5:*:*:*:*:*:*:*
macos
Version:
15.2
CPE:
cpe:2.3:o:apple:macos:15.2:*:*:*:*:*:*:*
macos
Version:
15.7.2
CPE:
cpe:2.3:o:apple:macos:15.7.2:*:*:*:*:*:*:*
macos
Version:
14.5
CPE:
cpe:2.3:o:apple:macos:14.5:*:*:*:*:*:*:*
macos
Version:
15.3.1
CPE:
cpe:2.3:o:apple:macos:15.3.1:*:*:*:*:*:*:*
macos
Version:
14.2
CPE:
cpe:2.3:o:apple:macos:14.2:*:*:*:*:*:*:*
macos
Version:
14.7.1
CPE:
cpe:2.3:o:apple:macos:14.7.1:*:*:*:*:*:*:*
macos
Version:
15.4.1
CPE:
cpe:2.3:o:apple:macos:15.4.1:*:*:*:*:*:*:*
macos
Version:
15.1
CPE:
cpe:2.3:o:apple:macos:15.1:*:*:*:*:*:*:*
macos
Version:
15.7.1
CPE:
cpe:2.3:o:apple:macos:15.7.1:*:*:*:*:*:*:*
macos
Version:
14.1.2
CPE:
cpe:2.3:o:apple:macos:14.1.2:*:*:*:*:*:*:*
macos
Version:
14.7
CPE:
cpe:2.3:o:apple:macos:14.7:*:*:*:*:*:*:*
macos
Version:
15.3
CPE:
cpe:2.3:o:apple:macos:15.3:*:*:*:*:*:*:*
macos
Version:
26.0
CPE:
cpe:2.3:o:apple:macos:26.0:*:*:*:*:*:*:*
macos
Version:
14.7.7
CPE:
cpe:2.3:o:apple:macos:14.7.7:*:*:*:*:*:*:*
macos
Version:
14.0
CPE:
cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*
macos
Version:
14.7.4
CPE:
cpe:2.3:o:apple:macos:14.7.4:*:*:*:*:*:*:*
This vulnerability affects 40 software configuration(s). Ensure you patch all affected systems.
References & Resources
Severity Details
5.5
out of 10.0
Medium
Weakness Type (CWE)
CWE-732
Incorrect Permission Assignment for Critical Resource
- Description
- The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
- Exploit Likelihood
- High
- Typical Severity
- High
- Abstraction Level
- Class
Key Information
- Published Date
- March 25, 2026
