4.6

CVE-2024-44137

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An attacker with physical access may be able to share items from the lock screen.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS Version < 13.7.1
ApplemacOS Version >= 14.0 < 14.7.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.31% 0.228
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 0.9 3.6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.6 0.9 3.6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://support.apple.com/en-us/121238
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121568
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121570
Vendor Advisory
Release Notes
http://seclists.org/fulldisclosure/2024/Oct/12
http://seclists.org/fulldisclosure/2024/Oct/13