AI description
CVE-2024-44253 is a permissions issue found in Apple's PackageKit framework. This vulnerability could allow an application to modify protected parts of the file system. The vulnerability was addressed by Apple with improved checks in macOS Ventura 13.7.1 and macOS Sonoma 14.7.1.
- Description
- The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- macos
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
- nvd@nist.gov
- NVD-CWE-noinfo
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-863
- Hype score
- Not currently trending
The blog post format of my talk, "Finding Vulnerabilities in Apple Packages at Scale", I presented at @securityfest and @MacDevOpsYVR is up at @KandjiOfficial 's blog. I cover CVE-2024-27883, CVE-2024-44196 and CVE-2024-44253. https://t.co/g0eFoqJpMJ
@theevilbit
11 Sept 2025
4670 Impressions
16 Retweets
66 Likes
28 Bookmarks
0 Replies
0 Quotes
CVE-2024-44253 The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the fi… https://t.co/0sYV5EMnkS
@CVEnew
28 Oct 2024
284 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012",
"versionEndExcluding": "13.7.1"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE",
"versionEndExcluding": "14.7.1",
"versionStartIncluding": "14.0"
}
],
"operator": "OR"
}
]
}
]