Vulnerability-Lookup

CVE-2024-54463 (GCVE-0-2024-54463)

Vulnerability from cvelistv5 – Published: 2025-03-10 19:11 – Updated: 2026-04-02 18:13

Summary

This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

An app may be able to access removable volumes without user consent

Assigner

apple

References

1 reference

URL	Tags
https://support.apple.com/en-us/121238

Impacted products

1 product

Vendor	Product	Version
Apple	macOS	Affected: 0 , < 15 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-54463",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-11T02:46:17.908845Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-200",
                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-11T02:47:09.447Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "15",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access removable volumes without user consent",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:13:58.902Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/121238"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2024-54463",
    "datePublished": "2025-03-10T19:11:10.755Z",
    "dateReserved": "2024-12-03T22:50:35.492Z",
    "dateUpdated": "2026-04-02T18:13:58.902Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-54463",
      "date": "2026-05-16",
      "epss": "0.00171",
      "percentile": "0.37924"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-54463\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2025-03-10T19:15:38.290\",\"lastModified\":\"2025-03-14T12:00:22.240\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent.\"},{\"lang\":\"es\",\"value\":\"Este problema se solucion\u00f3 con derechos mejorados. Este problema se solucion\u00f3 en macOS Sequoia 15. Una aplicaci\u00f3n puede tener acceso a vol\u00famenes extra\u00edbles sin el consentimiento del usuario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.0\",\"matchCriteriaId\":\"E8017C16-A17E-4AE7-9A0B-1295200A3A45\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/121238\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\",\"Release Notes\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-54463\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-11T02:46:17.908845Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-11T02:46:49.328Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Apple\", \"product\": \"macOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"15\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://support.apple.com/en-us/121238\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"An app may be able to access removable volumes without user consent\"}]}], \"providerMetadata\": {\"orgId\": \"286789f9-fbc2-4510-9f9a-43facdede74c\", \"shortName\": \"apple\", \"dateUpdated\": \"2026-04-02T18:13:58.902Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-54463\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-02T18:13:58.902Z\", \"dateReserved\": \"2024-12-03T22:50:35.492Z\", \"assignerOrgId\": \"286789f9-fbc2-4510-9f9a-43facdede74c\", \"datePublished\": \"2025-03-10T19:11:10.755Z\", \"assignerShortName\": \"apple\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

WID-SEC-W-2024-2154

Vulnerability from csaf_certbund - Published: 2024-09-16 22:00 - Updated: 2025-03-11 23:00

Summary

Apple macOS: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erhöhen, einen Denial-of-Service-Zustand herbeizuführen, Spoofing-Angriffe durchzuführen, Daten zu ändern, Sicherheitsmaßnahmen zu umgehen und vertrauliche Informationen offenzulegen

Betroffene Betriebssysteme: - MacOS X

CVE-2023-4504

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2023-5841

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-23237

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27792

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27795

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27809

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27849

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27853

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27858

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27859

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27860

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27861

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27869

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27875

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27876

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27880

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27886

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27887

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-27888

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-39894

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40770

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40791

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40792

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40797

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40801

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40814

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40825

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40826

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40831

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40837

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40838

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40841

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40842

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40843

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40844

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40845

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40846

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40847

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40848

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40850

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40855

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40856

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40857

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40859

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40860

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40861

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-40866

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-41957

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44122

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44123

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44125

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44126

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44128

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44129

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44130

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44131

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44132

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44133

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44134

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44135

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44137

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44144

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44145

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44146

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44148

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44149

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44151

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44152

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44153

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44154

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44155

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44158

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44160

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44161

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44163

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44164

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44165

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44166

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44167

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44168

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44169

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44170

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44172

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44174

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44175

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44176

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44177

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44178

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44179

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44181

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44182

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44183

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44184

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44186

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44187

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44188

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44189

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44190

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44191

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44192

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44198

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44203

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44208

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-44227

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-54463

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-54467

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-54469

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-54473

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-54546

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-54558

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-54560

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

CVE-2024-54658

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Apple macOS Sequoia <15 Apple / macOS		Sequoia <15
Apple macOS Sonoma <14.7 Apple / macOS		Sonoma <14.7
Apple macOS Ventura <13.7 Apple / macOS		Ventura <13.7

References

8 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.apple.com/en-us/121238	external
https://support.apple.com/en-us/121247	external
https://support.apple.com/en-us/121234	external
https://lists.apple.com/archives/security-announc…	external
https://lists.apple.com/archives/security-announc…	external
https://lists.apple.com/archives/security-announc…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erh\u00f6hen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Spoofing-Angriffe durchzuf\u00fchren, Daten zu \u00e4ndern, Sicherheitsma\u00dfnahmen zu umgehen und vertrauliche Informationen offenzulegen",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- MacOS X",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-2154 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2154.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-2154 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2154"
      },
      {
        "category": "external",
        "summary": "About the security content of macOS Sequoia 15 vom 2024-09-16",
        "url": "https://support.apple.com/en-us/121238"
      },
      {
        "category": "external",
        "summary": "About the security content of macOS Sonoma 14.7 vom 2024-09-16",
        "url": "https://support.apple.com/en-us/121247"
      },
      {
        "category": "external",
        "summary": "About the security content of macOS Ventura 13.7 vom 2024-09-16",
        "url": "https://support.apple.com/en-us/121234"
      },
      {
        "category": "external",
        "summary": "APPLE-SA-09-16-2024-10 macOS Ventura 13.7 vom 2024-09-16",
        "url": "https://lists.apple.com/archives/security-announce/2024/Sep/msg00009.html"
      },
      {
        "category": "external",
        "summary": "APPLE-SA-09-16-2024-2 macOS Sequoia 15 vom 2024-09-16",
        "url": "https://lists.apple.com/archives/security-announce/2024/Sep/msg00001.html"
      },
      {
        "category": "external",
        "summary": "APPLE-SA-09-16-2024-9 macOS Sonoma 14.7 vom 2024-09-16",
        "url": "https://lists.apple.com/archives/security-announce/2024/Sep/msg00008.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Apple macOS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-03-11T23:00:00.000+00:00",
      "generator": {
        "date": "2025-03-12T09:22:54.279+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2024-2154",
      "initial_release_date": "2024-09-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-09-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-10-28T23:00:00.000+00:00",
          "number": "2",
          "summary": "CVE\u0027s erg\u00e4nzt"
        },
        {
          "date": "2025-02-05T23:00:00.000+00:00",
          "number": "3",
          "summary": "CVE\u0027s erg\u00e4nzt"
        },
        {
          "date": "2025-03-11T23:00:00.000+00:00",
          "number": "4",
          "summary": "CVE-Nummern erg\u00e4nzt"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Sequoia \u003c15",
                "product": {
                  "name": "Apple macOS Sequoia \u003c15",
                  "product_id": "T037659"
                }
              },
              {
                "category": "product_version",
                "name": "Sequoia 15",
                "product": {
                  "name": "Apple macOS Sequoia 15",
                  "product_id": "T037659-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:apple:mac_os:sequoia__15"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Sonoma \u003c14.7",
                "product": {
                  "name": "Apple macOS Sonoma \u003c14.7",
                  "product_id": "T037660"
                }
              },
              {
                "category": "product_version",
                "name": "Sonoma 14.7",
                "product": {
                  "name": "Apple macOS Sonoma 14.7",
                  "product_id": "T037660-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:apple:mac_os:sonoma__14.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Ventura \u003c13.7",
                "product": {
                  "name": "Apple macOS Ventura \u003c13.7",
                  "product_id": "T037661"
                }
              },
              {
                "category": "product_version",
                "name": "Ventura 13.7",
                "product": {
                  "name": "Apple macOS Ventura 13.7",
                  "product_id": "T037661-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:apple:mac_os:ventura__13.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "macOS"
          }
        ],
        "category": "vendor",
        "name": "Apple"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-4504",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2023-4504"
    },
    {
      "cve": "CVE-2023-5841",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2023-5841"
    },
    {
      "cve": "CVE-2024-23237",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-23237"
    },
    {
      "cve": "CVE-2024-27792",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27792"
    },
    {
      "cve": "CVE-2024-27795",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27795"
    },
    {
      "cve": "CVE-2024-27809",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27809"
    },
    {
      "cve": "CVE-2024-27849",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27849"
    },
    {
      "cve": "CVE-2024-27853",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27853"
    },
    {
      "cve": "CVE-2024-27858",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27858"
    },
    {
      "cve": "CVE-2024-27859",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27859"
    },
    {
      "cve": "CVE-2024-27860",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27860"
    },
    {
      "cve": "CVE-2024-27861",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27861"
    },
    {
      "cve": "CVE-2024-27869",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27869"
    },
    {
      "cve": "CVE-2024-27875",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27875"
    },
    {
      "cve": "CVE-2024-27876",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27876"
    },
    {
      "cve": "CVE-2024-27880",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27880"
    },
    {
      "cve": "CVE-2024-27886",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27886"
    },
    {
      "cve": "CVE-2024-27887",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27887"
    },
    {
      "cve": "CVE-2024-27888",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-27888"
    },
    {
      "cve": "CVE-2024-39894",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-39894"
    },
    {
      "cve": "CVE-2024-40770",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40770"
    },
    {
      "cve": "CVE-2024-40791",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40791"
    },
    {
      "cve": "CVE-2024-40792",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40792"
    },
    {
      "cve": "CVE-2024-40797",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40797"
    },
    {
      "cve": "CVE-2024-40801",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40801"
    },
    {
      "cve": "CVE-2024-40814",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40814"
    },
    {
      "cve": "CVE-2024-40825",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40825"
    },
    {
      "cve": "CVE-2024-40826",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40826"
    },
    {
      "cve": "CVE-2024-40831",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40831"
    },
    {
      "cve": "CVE-2024-40837",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40837"
    },
    {
      "cve": "CVE-2024-40838",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40838"
    },
    {
      "cve": "CVE-2024-40841",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40841"
    },
    {
      "cve": "CVE-2024-40842",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40842"
    },
    {
      "cve": "CVE-2024-40843",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40843"
    },
    {
      "cve": "CVE-2024-40844",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40844"
    },
    {
      "cve": "CVE-2024-40845",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40845"
    },
    {
      "cve": "CVE-2024-40846",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40846"
    },
    {
      "cve": "CVE-2024-40847",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40847"
    },
    {
      "cve": "CVE-2024-40848",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40848"
    },
    {
      "cve": "CVE-2024-40850",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40850"
    },
    {
      "cve": "CVE-2024-40855",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40855"
    },
    {
      "cve": "CVE-2024-40856",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40856"
    },
    {
      "cve": "CVE-2024-40857",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40857"
    },
    {
      "cve": "CVE-2024-40859",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40859"
    },
    {
      "cve": "CVE-2024-40860",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40860"
    },
    {
      "cve": "CVE-2024-40861",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40861"
    },
    {
      "cve": "CVE-2024-40866",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-40866"
    },
    {
      "cve": "CVE-2024-41957",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-41957"
    },
    {
      "cve": "CVE-2024-44122",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44122"
    },
    {
      "cve": "CVE-2024-44123",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44123"
    },
    {
      "cve": "CVE-2024-44125",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44125"
    },
    {
      "cve": "CVE-2024-44126",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44126"
    },
    {
      "cve": "CVE-2024-44128",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44128"
    },
    {
      "cve": "CVE-2024-44129",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44129"
    },
    {
      "cve": "CVE-2024-44130",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44130"
    },
    {
      "cve": "CVE-2024-44131",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44131"
    },
    {
      "cve": "CVE-2024-44132",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44132"
    },
    {
      "cve": "CVE-2024-44133",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44133"
    },
    {
      "cve": "CVE-2024-44134",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44134"
    },
    {
      "cve": "CVE-2024-44135",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44135"
    },
    {
      "cve": "CVE-2024-44137",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44137"
    },
    {
      "cve": "CVE-2024-44144",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44144"
    },
    {
      "cve": "CVE-2024-44145",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44145"
    },
    {
      "cve": "CVE-2024-44146",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44146"
    },
    {
      "cve": "CVE-2024-44148",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44148"
    },
    {
      "cve": "CVE-2024-44149",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44149"
    },
    {
      "cve": "CVE-2024-44151",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44151"
    },
    {
      "cve": "CVE-2024-44152",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44152"
    },
    {
      "cve": "CVE-2024-44153",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44153"
    },
    {
      "cve": "CVE-2024-44154",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44154"
    },
    {
      "cve": "CVE-2024-44155",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44155"
    },
    {
      "cve": "CVE-2024-44158",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44158"
    },
    {
      "cve": "CVE-2024-44160",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44160"
    },
    {
      "cve": "CVE-2024-44161",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44161"
    },
    {
      "cve": "CVE-2024-44163",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44163"
    },
    {
      "cve": "CVE-2024-44164",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44164"
    },
    {
      "cve": "CVE-2024-44165",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44165"
    },
    {
      "cve": "CVE-2024-44166",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44166"
    },
    {
      "cve": "CVE-2024-44167",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44167"
    },
    {
      "cve": "CVE-2024-44168",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44168"
    },
    {
      "cve": "CVE-2024-44169",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44169"
    },
    {
      "cve": "CVE-2024-44170",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44170"
    },
    {
      "cve": "CVE-2024-44172",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44172"
    },
    {
      "cve": "CVE-2024-44174",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44174"
    },
    {
      "cve": "CVE-2024-44175",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44175"
    },
    {
      "cve": "CVE-2024-44176",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44176"
    },
    {
      "cve": "CVE-2024-44177",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44177"
    },
    {
      "cve": "CVE-2024-44178",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44178"
    },
    {
      "cve": "CVE-2024-44179",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44179"
    },
    {
      "cve": "CVE-2024-44181",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44181"
    },
    {
      "cve": "CVE-2024-44182",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44182"
    },
    {
      "cve": "CVE-2024-44183",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44183"
    },
    {
      "cve": "CVE-2024-44184",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44184"
    },
    {
      "cve": "CVE-2024-44186",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44186"
    },
    {
      "cve": "CVE-2024-44187",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44187"
    },
    {
      "cve": "CVE-2024-44188",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44188"
    },
    {
      "cve": "CVE-2024-44189",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44189"
    },
    {
      "cve": "CVE-2024-44190",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44190"
    },
    {
      "cve": "CVE-2024-44191",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44191"
    },
    {
      "cve": "CVE-2024-44192",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44192"
    },
    {
      "cve": "CVE-2024-44198",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44198"
    },
    {
      "cve": "CVE-2024-44203",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44203"
    },
    {
      "cve": "CVE-2024-44208",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44208"
    },
    {
      "cve": "CVE-2024-44227",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-44227"
    },
    {
      "cve": "CVE-2024-54463",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-54463"
    },
    {
      "cve": "CVE-2024-54467",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-54467"
    },
    {
      "cve": "CVE-2024-54469",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-54469"
    },
    {
      "cve": "CVE-2024-54473",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-54473"
    },
    {
      "cve": "CVE-2024-54546",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-54546"
    },
    {
      "cve": "CVE-2024-54558",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-54558"
    },
    {
      "cve": "CVE-2024-54560",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-54560"
    },
    {
      "cve": "CVE-2024-54658",
      "product_status": {
        "known_affected": [
          "T037659",
          "T037660",
          "T037661"
        ]
      },
      "release_date": "2024-09-16T22:00:00.000+00:00",
      "title": "CVE-2024-54658"
    }
  ]
}

BDU:2025-02514

Vulnerability from fstec - Published: 03.03.2025

Title

Уязвимость приложения переноса изображений и видео Image Capture («Захват изображений») операционных систем macOS, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации

Description

Уязвимость приложения переноса изображений и видео Image Capture («Захват изображений») операционных систем macOS связана с нарушением механизма защиты данных. Эксплуатация уязвимости может позволить нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N


                    
                      AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

Vendor

Apple Inc.

Software Name

MacOS

Software Version

Sequoia до 15.0 (MacOS)

Possible Mitigations

Использование рекомендаций: https://support.apple.com/en-us/121238

Reference

https://support.apple.com/en-us/121238 https://www.cybersecurity-help.cz/vdb/SB2024091707

CWE

CWE-693

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:P/I:N/A:N",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
  "CVSS 4.0": "AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear",
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Apple Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "Sequoia \u0434\u043e 15.0 (MacOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://support.apple.com/en-us/121238",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "03.03.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.03.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.03.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-02514",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-54463",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "MacOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Apple Inc. MacOS Sequoia \u0434\u043e 15.0 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u0430 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0438 \u0432\u0438\u0434\u0435\u043e Image Capture (\u00ab\u0417\u0430\u0445\u0432\u0430\u0442 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439\u00bb) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c macOS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-693)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u0430 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0438 \u0432\u0438\u0434\u0435\u043e Image Capture (\u00ab\u0417\u0430\u0445\u0432\u0430\u0442 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439\u00bb) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c macOS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://support.apple.com/en-us/121238\nhttps://www.cybersecurity-help.cz/vdb/SB2024091707",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-693",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 1,7)\n\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 3,3)\n\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 1,1)"
}

GHSA-68PV-Q73M-P25V

Vulnerability from github – Published: 2025-03-10 21:31 – Updated: 2025-03-11 03:30

Details

This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-54463"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-10T19:15:38Z",
    "severity": "MODERATE"
  },
  "details": "This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent.",
  "id": "GHSA-68pv-q73m-p25v",
  "modified": "2025-03-11T03:30:49Z",
  "published": "2025-03-10T21:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54463"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121238"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-54463

Vulnerability from fkie_nvd - Published: 2025-03-10 19:15 - Updated: 2025-03-14 12:00

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Summary

This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent.

References

	URL	Tags
	product-security@apple.com	https://support.apple.com/en-us/121238	Release Notes, Vendor Advisory

Impacted products

	Vendor	Product	Version
	apple	macos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8017C16-A17E-4AE7-9A0B-1295200A3A45",
              "versionEndExcluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent."
    },
    {
      "lang": "es",
      "value": "Este problema se solucion\u00f3 con derechos mejorados. Este problema se solucion\u00f3 en macOS Sequoia 15. Una aplicaci\u00f3n puede tener acceso a vol\u00famenes extra\u00edbles sin el consentimiento del usuario."
    }
  ],
  "id": "CVE-2024-54463",
  "lastModified": "2025-03-14T12:00:22.240",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-03-10T19:15:38.290",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/121238"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-54463 (GCVE-0-2024-54463)

WID-SEC-W-2024-2154

BDU:2025-02514

GHSA-68PV-Q73M-P25V

FKIE_CVE-2024-54463

Tags

Sightings

Nomenclature