AI description
CVE-2024-54529 is a logic flaw identified in Apple macOS, specifically within its Audio component. This vulnerability enables an application to execute arbitrary code with kernel-level privileges. The underlying cause is attributed to insufficient validation or improper checks within the kernel code, allowing a local application to escalate its privileges beyond its intended scope. Disclosed on December 11, 2024, this issue was discovered by Dillon Franke in collaboration with Google Project Zero. Apple has since addressed CVE-2024-54529 by implementing improved checks. The fix is available in macOS Sequoia 15.2, macOS Ventura 13.7.2, and macOS Sonoma 14.7.2.
- Description
- A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to execute arbitrary code with kernel privileges.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- macos
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- nvd@nist.gov
- NVD-CWE-noinfo
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-94
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
8
CVE-2024-54529 was patched. To celebrate, I'm open-sourcing my full PoC exploit for this CoreAudio type confusion vulnerability 🔊 The code is right here! Enjoy: https://t.co/XvWXwXmPg6 https://t.co/aD9NjL70wJ
@hermes_tool1
2 Feb 2026
3954 Impressions
4 Retweets
36 Likes
30 Bookmarks
2 Replies
0 Quotes
It's been just over a year since CVE-2024-54529 was patched. To celebrate, I'm open-sourcing my full PoC exploit for this CoreAudio type confusion vulnerability 🔊 The code is right here! Enjoy: https://t.co/GRvILp6C84 https://t.co/1tu0qyHsQg
@dillon_franke
30 Jan 2026
22068 Impressions
41 Retweets
222 Likes
120 Bookmarks
4 Replies
1 Quote
Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529 https://t.co/Sozi4r5TcL
@ProjectZeroBugs
30 Jan 2026
3471 Impressions
13 Retweets
50 Likes
20 Bookmarks
1 Reply
0 Quotes
CVE-2024-54529 A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to execute … https://t.co/zlYhQ0Qnxw
@CVEnew
12 Dec 2024
234 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-54529 Kernel Privilege Logic Flaw in macOS Sequoia, Ventura, and Sonoma... https://t.co/Vqdc4wHjiJ Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
@VulmonFeeds
12 Dec 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30D66414-3769-4793-A9BF-A39E8CAB31D3",
"versionEndExcluding": "13.7.2",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "617CA14A-5EA4-4112-A564-DB1A5109A066",
"versionEndExcluding": "14.7.2",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D",
"versionEndExcluding": "15.2",
"versionStartIncluding": "15.0"
}
],
"operator": "OR"
}
]
}
]