CVE-2024-44196

Published Oct 28, 2024

Last updated 22 days ago

CVSS medium 5.5

Overview

Description: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to modify protected parts of the file system.
Source: product-security@apple.com
NVD status: Modified
Products: macos

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-863

Hype score: Not currently trending

The blog post format of my talk, "Finding Vulnerabilities in Apple Packages at Scale", I presented at @securityfest and @MacDevOpsYVR is up at @KandjiOfficial 's blog. I cover CVE-2024-27883, CVE-2024-44196 and CVE-2024-44253. https://t.co/g0eFoqJpMJ
@theevilbit
11 Sept 2025
4670 Impressions
16 Retweets
66 Likes
28 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "7CD2FFE9-0143-40BD-8FD1-F7408CF085AB",
            "versionEndExcluding": "13.7.1",
            "versionStartIncluding": "13.0.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE",
            "versionEndExcluding": "14.7.1",
            "versionStartIncluding": "14.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References