Apple Macos Monterey vulnerabilities

CVE-2024-2004 [LOW] CVE-2024-2004: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-2004 Component: CVE-2024-2004

CVE-2024-40798 [LOW] CVE-2024-40798: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40798 Component: Security Impact: An app may be able to read Safari's browsing history Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-27843 [HIGH] CVE-2024-27843: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27843 Component: SharedFileList Impact: An app may be able to elevate privileges Description: A logic issue was addressed with improved checks.

CVE-2024-27796 [HIGH] CVE-2024-27796: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27796 Component: Voice Control Impact: A user may be able to elevate privileges Description: The issue was addressed with improved checks.

CVE-2024-40771 [HIGH] CVE-2024-40771: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-40771 Component: AVEVideoEncoder Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-27817 [HIGH] CVE-2024-27817: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27817 Component: CoreMedia Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved checks.

CVE-2024-27824 [HIGH] CVE-2024-27824: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27824 Component: PackageKit Impact: An app may be able to elevate privileges Description: This issue was addressed by removing the vulnerable code.

CVE-2024-27802 [HIGH] CVE-2024-27802: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27802 Component: Metal Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation.

CVE-2024-27831 [HIGH] CVE-2024-27831: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27831 Component: CoreMedia Impact: Processing a file may lead to unexpected app termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-27798 [HIGH] CVE-2024-27798: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27798 Component: Disk Management Impact: A user may be able to elevate privileges Description: An authorization issue was addressed with improved state management.

CVE-2024-23229 [MEDIUM] CVE-2024-23229: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-23229 Component: Find My Impact: A malicious application may be able to access Find My data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-27840 [MEDIUM] CVE-2024-27840: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27840 Component: Kernel Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory protections Description: The issue was addressed with improved memory handling.

CVE-2024-27789 [MEDIUM] CVE-2024-27789: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27789 Component: Foundation Impact: An app may be able to access user-sensitive data Description: A logic issue was addressed with improved checks.

CVE-2024-27847 [MEDIUM] CVE-2024-27847: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27847 Component: Sync Services Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved checks

CVE-2024-27800 [MEDIUM] CVE-2024-27800: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27800 Component: Messages Impact: Processing a maliciously crafted message may lead to a denial-of-service Description: This issue was addressed by removing the vulnerable code.

CVE-2024-27805 [MEDIUM] CVE-2024-27805: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27805 Component: Core Data Impact: An app may be able to access sensitive user data Description: An issue was addressed with improved validation of environment variables.

CVE-2024-27823 [MEDIUM] CVE-2024-27823: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27823 Component: Kernel Impact: An attacker in a privileged network position may be able to spoof network packets Description: A race condition was addressed with improved locking.

CVE-2024-27885 [MEDIUM] CVE-2024-27885: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27885 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with improved validation of symlinks.

CVE-2024-27806 [MEDIUM] CVE-2024-27806: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27806 Component: CVE-2024-27806

CVE-2024-27810 [MEDIUM] CVE-2024-27810: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27810 Component: Maps Impact: An app may be able to read sensitive location information Description: A path handling issue was addressed with improved validation.