exploitDog

CVE-2024-44156

Опубликовано: 28 окт. 2024

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass Privacy preferences.

Ссылки

https://support.apple.com/en-us/121568
Release Notes
Vendor Advisory
https://support.apple.com/en-us/121570
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Oct/11
http://seclists.org/fulldisclosure/2024/Oct/12
http://seclists.org/fulldisclosure/2024/Oct/13

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.1 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.1 (исключая)

EPSS

Процентиль: 2%

0.00013

Низкий

7.1 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-862

Связанные уязвимости

GHSA-9vq2-w47q-3pjh

CVSS3: 7.1

github

больше 1 года назад

A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass Privacy preferences.

EPSS

Процентиль: 2%

0.00013

Низкий

7.1 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-862