Lucene search
AppleCVE-2024-40825HistorySep 17, 2024 - 12:15 a.m.
CVE-2024-40825
2024-09-1700:15:48
CWE-284
apple
web.nvd.nist.gov
19
privilege escalation
visionos 2
macos sequoia 15
system files modification
CVSS3
6
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
9.6%
The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files.
Affected configurations
Node
applemacosRange<15
ORapplevisionosRange<2
CNA Affected
[
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "15",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "visionOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "2",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-40825
2024-09-16 23:23:26
nvd
nvd
CVE-2024-40825
2024-09-17 00:15:48
cvelist
cvelist
CVE-2024-40825
2024-09-16 23:23:26
CVSS3
6
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
9.6%
Related for CVE-2024-40825