Lucene search
AppleCVELIST:CVE-2024-23245HistoryMar 08, 2024 - 1:36 a.m.
CVE-2024-23245
2024-03-0801:36:01
apple
www.cve.org
cve-2024-23245
third-party shortcuts
legacy action
automator
user consent
macos sonoma 14.4
macos monterey 12.7.4
macos ventura 13.6.5
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.
CNA Affected
[
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "12.7",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "13.6",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "14.4",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-23245
2024-03-08 02:15:48
prion
prion
Code injection
2024-03-08 02:15:00
cve
cve
CVE-2024-23245
2024-03-08 02:15:48
openvas
openvas
Apple Mac OS X Security Update (HT214083)
2024-03-22 00:00:00
Apple Mac OS X Security Update (HT214085)
2024-03-22 00:00:00
Apple Mac OS X Security Update (HT214084)
2024-03-22 00:00:00
nessus
nessus
macOS 12.x < 12.7.4 Multiple Vulnerabilities (HT214083)
2024-03-07 00:00:00
macOS 13.x < 13.6.5 Multiple Vulnerabilities (HT214085)
2024-03-07 00:00:00
macOS 14.x < 14.4 Multiple Vulnerabilities (HT214084)
2024-03-07 00:00:00
apple
apple
About the security content of macOS Monterey 12.7.4
2024-03-07 00:00:00
About the security content of macOS Ventura 13.6.5
2024-03-07 00:00:00
About the security content of macOS Sonoma 14.4
2024-03-07 00:00:00