7.3 High
CVSS4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
ACTIVE
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/SC:H/VI:H/SI:H/VA:H/SA:H/S:N/AU:N/U:Green/R:U/V:D/RE:M
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege escalation.
[
{
"vendor": "JAMF",
"product": "Jamf Compliance Editor",
"versions": [
{
"status": "affected",
"version": "1",
"lessThan": "1.3.1",
"versionType": "custom"
}
],
"platforms": [
"MacOS"
],
"defaultStatus": "affected"
}
]
github.com/Jamf-Concepts/jamf-compliance-editor/raw/v1.3.1/Jamf%20Compliance%20Editor%20-%20User%20Guide.pdf
github.com/Jamf-Concepts/jamf-compliance-editor/releases/download/v1.3.1/JamfComplianceEditor.v1.3.1.pkg
khronokernel.com/macos/2024/05/01/CVE-2024-4395.html
trusted.jamf.com/docs/establishing-compliance-baselines#support