CVE-2024-54469

Exploited in the Wild

NIST CVSS Scores

CVSS v3.1 Base Score: 5.5 (Medium)

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA CVSS Scores

CVSS v3.1 Base Score: 5.5 (Medium)

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Operating Systems Impacted

macOS Ventura (prior to 13.7)
macOS Sonoma (prior to 14.7)
macOS Sequoia (prior to 15)
iOS (prior to 18)
iPadOS (prior to 18)
visionOS (prior to 2)

Additional Resources

NVD CVE-2024-54469
macOS Ventura 13.7
macOS Sonoma 14.7
macOS Sequoia 15
iOS 18 and iPadOS 18
visionOS 2

Description

CVE-2024-54469 is a security vulnerability in Apple's FileProvider component that could allow a local user to leak sensitive user information. The issue was addressed by Apple through improved checks in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15, iOS 18, iPadOS 18, and visionOS 2.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user information by a local user. The severity of this issue has been assessed as follows: