CVE-2024-40849

Severity

7.5HIGH

EPSS

0.1%

top 77.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedApr 2

Description

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to break out of its sandbox.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

▶CVEListV5apple/macos< 15.1

▶NVDapple/macos< 15.1

GHSA

GHSA-gqpg-3vhq-q494: A race condition was addressed with additional validation↗2026-04-02

▶

CVEList

CVE-2024-40849: A race condition was addressed with additional validation↗2026-04-02

▶

Apple

CVE-2024-40849: macOS Sequoia 15.1↗2024-10-28

▶

Wiz

CVE-2024-40849 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶