AI description
CVE-2025-31258 is a vulnerability in macOS Sequoia that allows a malicious application to break out of its sandbox. This is a critical security measure designed to isolate potentially harmful software from affecting the broader system. By escaping the sandbox, an application can gain unauthorized access to sensitive system resources and user data. The vulnerability resides in RemoteViewServices, a core macOS framework responsible for handling content rendering and previews. Apple addressed this issue in macOS Sequoia 15.5 by removing the vulnerable code. A proof-of-concept exploit demonstrating a partial sandbox escape has been released.
- Description
- This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-284
- Hype score
- Not currently trending
به تازگی برای macOS , آسیب پذیری با کد شناسایی CVE-2025-31258 منتشر شده است. نمره این آسیب پذیری 7.8 می باشد . برای پیشگیری و مقابله سیستم عامل macOS خود را به نسخه 14.3 به ر
@AmirHossein_sec
18 May 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
another 1day practice: CVE-2025-31258 (patched in macOS 15.5) Escaped macOS sandbox, but partial. https://t.co/vNs7OOZR7Z
@minacrissDev_
16 May 2025
973 Impressions
3 Retweets
14 Likes
3 Bookmarks
0 Replies
0 Quotes
macOS「RemoteViewServices」にサンドボックス回避の脆弱性(CVE-2025-31258)-PoCが公開中 #セキュリティ対策Lab #セキュリティ #Security https://t.co/wM0KNi2Je7
@securityLab_jp
14 May 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC Released: CVE-2025-31258 Sandbox Escape in macOS via RemoteViewServices https://t.co/YsyHJewEDR
@Dinosn
13 May 2025
2275 Impressions
5 Retweets
21 Likes
6 Bookmarks
0 Replies
0 Quotes
another 1day practice: CVE-2025-31258 (patched in macOS 15.5) Escaped macOS sandbox, but partial. Source Code: https://t.co/wqjzyff86D Demo Video: https://t.co/1ak0ubz1Pi
@wh1te4ever
13 May 2025
16904 Impressions
36 Retweets
171 Likes
68 Bookmarks
1 Reply
1 Quote
CVE-2025-31258 This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox. https://t.co/nW3GUWn5LA
@CVEnew
12 May 2025
273 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF1B4AB8-2B51-4EED-BD29-C500C83FAB10",
"versionEndExcluding": "15.5"
}
],
"operator": "OR"
}
]
}
]