CVE-2024-44236
published 2024-10-28CVE-2024-44236: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura…
PriorityP430medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
EPSS
10.94%
95.3th percentile
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Processing a maliciously crafted file may lead to unexpected app termination.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | < 14.7.1 | 14.7.1 |
| apple | macos | < 15.1 | 15.1 |
| apple | macos | < 13.7.1 | 13.7.1 |
| apple | macos | >= 14.0 < 14.7.1 | 14.7.1 |
| apple | macos_sequoia | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2024-44236: macOS Sonoma 14.7.1
vendor_apple·2024-10-28·CVSS 5.5
CVE-2024-44236 [MEDIUM] CVE-2024-44236: macOS Sonoma 14.7.1
Apple Security Update: About the security content of macOS Sonoma 14.7.1
Product: macOS Sonoma
Version: 14.7.1
CVE: CVE-2024-44236
Component: Shortcuts
Impact: A malicious app may use shortcuts to access restricted files
Description: A logic issue was addressed with improved checks.
Apple
CVE-2024-44236: macOS Ventura 13.7.1
vendor_apple·2024-10-28·CVSS 5.5
CVE-2024-44236 [MEDIUM] CVE-2024-44236: macOS Ventura 13.7.1
Apple Security Update: About the security content of macOS Ventura 13.7.1
Product: macOS Ventura
Version: 13.7.1
CVE: CVE-2024-44236
Component: Shortcuts
Impact: A malicious app may use shortcuts to access restricted files
Description: A logic issue was addressed with improved checks.
Apple
CVE-2024-44236: macOS Sequoia 15.1
vendor_apple·2024-10-28·CVSS 5.5
CVE-2024-44236 [MEDIUM] CVE-2024-44236: macOS Sequoia 15.1
Apple Security Update: About the security content of macOS Sequoia 15.1
Product: macOS Sequoia
Version: 15.1
CVE: CVE-2024-44236
Component: Shortcuts
Impact: A malicious app may use shortcuts to access restricted files
Description: A logic issue was addressed with improved checks.
GHSA
GHSA-94jr-5hwp-8492: An out-of-bounds access issue was addressed with improved bounds checking
ghsa_unreviewed·2024-10-28
CVE-2024-44236 [MEDIUM] CWE-125 GHSA-94jr-5hwp-8492: An out-of-bounds access issue was addressed with improved bounds checking
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-10-28
Published