7.8

CVE-2024-27822

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to gain root privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS Version >= 14.0 < 14.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.31% 0.672
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.4 1.4 5.9
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-277 Insecure Inherited Permissions

A product defines a set of insecure permissions that are inherited by objects that are created by the program.

http://seclists.org/fulldisclosure/2024/May/12
Mailing List
https://support.apple.com/kb/HT214106
Vendor Advisory
https://support.apple.com/en-us/HT214106
Vendor Advisory
https://support.apple.com/en-us/120903