{"id":2547,"date":"2025-05-02T07:13:53","date_gmt":"2025-05-02T07:13:53","guid":{"rendered":"http:\/\/localhost\/?p=2547"},"modified":"2025-05-02T07:13:53","modified_gmt":"2025-05-02T07:13:53","slug":"analyzing-cve-2025-31191-a-macos-security-scoped-bookmarks-based-sandbox-escape","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=2547","title":{"rendered":"Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nAnalyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape<\/td>\n<\/tr>\n
Type<\/th>\nmssecure<\/td>\n<\/tr>\n
Published<\/th>\n2025-05-01T17:00:00<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-05-01T18:18:33<\/td>\n<\/tr>\n
CVSS Score<\/th>\n8.8 (HIGH)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nLOCAL<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nLOW<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Availability Impact<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2021-30864, CVE-2022-26696, CVE-2022-26706, CVE-2025-31191<\/td>\n<\/tr>\n
CWE<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\nblog<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. An attacker could create an exploit to escape the App Sandbox without…\n <\/div>\n<\/p><\/div>\n
\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n8.8<\/td>\n<\/tr>\n
Severity<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n