CVE-2024-40858

Published: Apr 02, 2026 Last Modified: Apr 02, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,1

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: none

Description

AI Translation Available

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to access Contacts without user consent.

284

Improper Access Control

Incomplete

Abstraction: Pillar Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

Technologies: ICS/OT, Not Technology-Specific, Web Based

View CWE Details

https://support.apple.com/en-us/121564

CVE-2024-40858

Description

Improper Access Control

Common Consequences

Applicable Platforms

Iscriviti alla newsletter