Описание
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-23245
- https://support.apple.com/en-us/HT214083
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214085
- https://support.apple.com/kb/HT214083
- https://support.apple.com/kb/HT214084
- https://support.apple.com/kb/HT214085
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/22
- http://seclists.org/fulldisclosure/2024/Mar/23
Связанные уязвимости
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.