Lucene search

[email protected]NVD:CVE-2024-40860

HistorySep 17, 2024 - 12:15 a.m.

CVE-2024-40860

2024-09-1700:15:49

[email protected]

web.nvd.nist.gov

logic issue address

improved checks

macos sonoma 14.7

macos sequoia 15

file system modification

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

Percentile

9.6%

JSON

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system.

Affected configurations

Nvd

Node

applemacosRange<14.7

VendorProductVersionCPE
applemacos*cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	macos	*	cpe:2.3:o:apple:macos::::::::

References

support.apple.com/en-us/121238

support.apple.com/en-us/121247

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

Percentile

9.6%

JSON

Related for NVD:CVE-2024-40860

vulnrichment1 cvelist1 cve1 nessus1 openvas1