CVE-2024-54477

Exploited in the Wild

NIST CVSS Scores

CVSS v3.1 Base Score: 5.5 (Medium)

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA CVSS Scores

CVSS v3.1 Base Score: 5.5 (Medium)

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Operating Systems Impacted

macOS Ventura (prior to 13.7.2)
macOS Sonoma (prior to 14.7.2)
macOS Sequoia (prior to 15.2)

Additional Resources

NVD CVE-2024-54477
macOS Ventura 13.7.2
macOS Sonoma 14.7.2
macOS Sequoia 15.2

Description

CVE-2024-54477 allows an application to access sensitive user data. Apple mitigated the vulnerability through stricter checks in recent updates. Reported by Mickey Jin (@patch1t) and Csaba Fitzl (@theevilbit) of Kandji.

Impact

Grants unauthorized access to sensitive user information. The severity of this issue has been assessed as follows: