CVE-2024-44291

HIGH EPSS 21.0%

Published Dec 12, 20241y ago · Modified Jun 17, 20261w ago

7.8 CVSS 3.1

High

Published Dec 12, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. A malicious app may be able to gain root privileges.

CVSS Details

Base Score

7.8

Exploitability

1.8

Impact

5.9

Vector string

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required None

User Interaction Required

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

21.0% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Affected Products 3

Vendor	Product	Version	Range
apple	macos	*	≥13.0 – <13.7.2
apple	macos	*	≥14.0 – <14.7.2
apple	macos	*	≥15.0 – <15.2

References 6

seclists.org http://seclists.org/fulldisclosure/2024/Dec/7
seclists.org http://seclists.org/fulldisclosure/2024/Dec/8
seclists.org http://seclists.org/fulldisclosure/2024/Dec/9
support.apple.com https://support.apple.com/en-us/121839

Vendor Advisory
support.apple.com https://support.apple.com/en-us/121840

Vendor Advisory
support.apple.com https://support.apple.com/en-us/121842

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.