Lucene search

K
vulnrichmentAppleVULNRICHMENT:CVE-2024-40855
HistoryOct 28, 2024 - 9:08 p.m.

CVE-2024-40855

2024-10-2821:08:13
apple
github.com
improved checks
macos ventura
macos sequoia
macos sonoma
sandboxed app
sensitive user data

AI Score

5.7

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. A sandboxed app may be able to access sensitive user data.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "macos",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "15",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "14.7",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "13.7",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

AI Score

5.7

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2024-40855