CVE-2024-40828

2024-07-2922:17:14

apple

github.com

cve

improved checks

macos sonoma 14.6

macos monterey 12.7.6

macos ventura 13.6.8

malicious app

gain root privileges

AI Score

6.2

Confidence

Low

EPSS

Percentile

10.7%

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A malicious app may be able to gain root privileges.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*",
      "cpe:2.3:o:apple:macos:13.0:*:*:*:*:*:*:*",
      "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "macos",
    "versions": [
      {
        "status": "affected",
        "version": "12.0",
        "lessThan": "12.7.6",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "13.0",
        "lessThan": "13.6.8",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "14.0",
        "lessThan": "14.6",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]