
CVE-2024-44175

Description

CVE-2024-44175 is a vulnerability in Apple's macOS that could allow an application to access sensitive user data. The issue was addressed by Apple through improved validation of symlinks in macOS Sonoma 14.7.1 and macOS Sequoia 15. According to Kandji's analysis, this vulnerability involves a Time-of-Check to Time-of-Use (TOCTOU) race condition in the `diskarbitrationd` daemon. By exploiting this flaw, an attacker could escape the application sandbox and escalate privileges to root from a low-privileged user.
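The general shape of a symlink TOCTOU and of a check that is bound to the opened object, as an added example. This is not code from Apple, Kandji or `diskarbitrationd`; the function names `open_racy`, `open_safe` and `demo` are hypothetical, and the temporary files are constructed sample input.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* RACY: the check names the path, and the use names the path again.
 * Whoever controls the parent directory can replace the entry with a
 * symlink in the window between lstat() and open(). */
int open_racy(const char *path) {
    struct stat st;
    if (lstat(path, &st) != 0 || S_ISLNK(st.st_mode)) return -1; /* time of check */
    return open(path, O_RDONLY);                                  /* time of use */
}

/* HARDENED: open first, refusing a symlink as the final component, then
 * validate the object that was actually opened through its descriptor.
 * O_NOFOLLOW covers only the last path component; parent directories
 * must be trusted or resolved separately (e.g. with openat()). */
int open_safe(const char *path) {
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) { close(fd); return -1; }
    return fd;
}

/* Constructed sample: a temp dir holding one regular file and one symlink
 * to it. Returns 1 if open_safe accepts the file and rejects the symlink,
 * 0 if not, -1 if the sample could not be set up. */
int demo(void) {
    char dir[] = "/tmp/toctou-demo-XXXXXX", file[64], lnk[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(file, sizeof file, "%s/data", dir);
    snprintf(lnk, sizeof lnk, "%s/alias", dir);
    int fd = open(file, O_CREAT | O_WRONLY, 0600);
    if (fd < 0 || symlink(file, lnk) != 0) return -1;
    close(fd);
    int ok_file = open_safe(file), ok_link = open_safe(lnk);
    int result = (ok_file >= 0) && (ok_link < 0);
    if (ok_file >= 0) close(ok_file);
    unlink(lnk); unlink(file); rmdir(dir);
    return result;
}

int main(void) { printf("open_safe behaves as expected: %d\n", demo()); return 0; }
```

When reviewing privileged code, any path that is validated with `lstat()`, `stat()` or `access()` and then passed by name to a second call is a candidate for this class of bug.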

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user data by an application. The severity of this issue has been assessed as follows: