CVE-2024-44305Incorrect Authorization in Apple Macos

CWE-863Incorrect Authorization3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 92.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple Macos Sonoma
Timeline
PublishedMar 21

Description

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.6. An app may be able to gain root privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

Appleapple/macos_sonoma14.6
NVDapple/macos< 14.6

🔴Vulnerability Details

1
GHSA
GHSA-gqm6-fmp7-jxxx: This issue was addressed by removing the vulnerable code2025-03-21

📋Vendor Advisories

1
Apple
CVE-2024-44305: macOS Sonoma 14.62024-07-29