A logic issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, watchOS 11, tvOS 18, macOS Sequoia 15. A malicious app may be able to modify other apps without having App Management permission.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.