4.4

CVE-2024-27883

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system.

Data is provided by the National Vulnerability Database (NVD)
ApplemacOS Version < 12.7.6
ApplemacOS Version >= 13.0 < 13.6.8
ApplemacOS Version >= 14.0 < 14.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.01% 0.012
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.4 1.8 2.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.4 1.8 2.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

http://seclists.org/fulldisclosure/2024/Jul/18
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/19
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/20
Third Party Advisory
Mailing List
https://support.apple.com/en-us/HT214118
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214120
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214119
Vendor Advisory
Release Notes