CVE-2024-44224
HIGH
7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Description
AI Translation Available
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. A malicious app may be able to gain root privileges.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0002
Percentile
0,0th
Updated
EPSS Score Trend (Last 91 Days)
276
Incorrect Default Permissions
DraftCommon Consequences
Security Scopes Affected:
Confidentiality
Integrity
Potential Impacts:
Read Application Data
Modify Application Data
Applicable Platforms
Technologies:
ICS/OT, Not Technology-Specific
Operating System
Macos by Apple
Version Range Affected
From
13.0
(inclusive)
To
13.7.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Macos by Apple
Version Range Affected
From
14.0
(inclusive)
To
14.7.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Macos by Apple
Version Range Affected
From
15.0
(inclusive)
To
15.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
http://seclists.org/fulldisclosure/2024/Dec/7
http://seclists.org/fulldisclosure/2024/Dec/8
http://seclists.org/fulldisclosure/2024/Dec/9
https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121840
https://support.apple.com/en-us/121842