CVE-2024-40825

Опубликовано: 17 сент. 2024

Источник: nvd

CVSS3: 4.4

CVSS3: 6

EPSS Низкий

Описание

The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files.

Ссылки

https://support.apple.com/en-us/121238
Vendor Advisory
https://support.apple.com/en-us/121249
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Sep/33
http://seclists.org/fulldisclosure/2024/Sep/36

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 15.0 (исключая)

cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

Версия до 2.0 (исключая)

EPSS

Процентиль: 4%

0.0002

Низкий

4.4 Medium

CVSS3

6 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284

Связанные уязвимости

GHSA-79c6-5cw9-rpwc

CVSS3: 6

github

больше 1 года назад

The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files.

EPSS

Процентиль: 4%

0.0002

Низкий

4.4 Medium

CVSS3

6 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284