Apple Macos Sequoia vulnerabilities

CVE-2024-54477 [MEDIUM] CVE-2024-54477: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54477 Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2024-54524 [MEDIUM] CVE-2024-54524: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54524 Component: SharedFileList Impact: A malicious app may be able to access arbitrary files Description: A logic issue was addressed with improved file handling.

CVE-2024-54510 [MEDIUM] CVE-2024-54510: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54510 Component: Kernel Impact: An app may be able to leak sensitive kernel state Description: A race condition was addressed with improved locking.

CVE-2024-54536 [MEDIUM] CVE-2024-54536: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54536 Component: MobileAccessoryUpdater Impact: An app may be able to edit NVRAM variables Description: The issue was addressed with improved validation of environment variables.

CVE-2024-54549 [MEDIUM] CVE-2024-54549: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54549 Component: Sync Services Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-54504 [MEDIUM] CVE-2024-54504: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54504 Component: Notification Center Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-54520 [MEDIUM] CVE-2024-54520: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54520 Component: System Settings Impact: An app may be able to overwrite arbitrary files Description: A path handling issue was addressed with improved validation.

CVE-2024-44243 [MEDIUM] CVE-2024-44243: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-44243 Component: StorageKit Impact: An app may be able to modify protected parts of the file system Description: A configuration issue was addressed with additional restrictions.

CVE-2024-54476 [MEDIUM] CVE-2024-54476: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54476 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2024-54519 [MEDIUM] CVE-2024-54519: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54519 Component: Find My Impact: An app may be able to read sensitive location information Description: The issue was resolved by sanitizing logging.

CVE-2024-54492 [MEDIUM] CVE-2024-54492: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54492 Component: Passwords Impact: An attacker in a privileged network position may be able to alter network traffic Description: This issue was addressed by using HTTPS when sending information over the network.

CVE-2024-54485 [LOW] CVE-2024-54485: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54485 Component: VoiceOver Impact: An attacker with physical access to an iOS device may be able to view notification content from the lock screen Description: The issue was addressed by adding additional logic.

CVE-2024-40864 [LOW] CVE-2024-40864: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-40864 Impact: An attacker in a privileged network position may be able to track a user's activity Description: The issue was addressed with improved handling of protocols.

CVE-2024-54516 [LOW] CVE-2024-54516: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54516 Component: SharedFileList Impact: An app may be able to approve a launch daemon without user consent Description: A permissions issue was addressed with additional restrictions.

CVE-2024-54475 [LOW] CVE-2024-54475: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54475 Component: System Settings Impact: An app may be able to determine a user’s current location Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-44271 [LOW] CVE-2024-44271: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-44271 Component: Control Center Impact: An app may be able to record the screen without an indicator Description: The issue was addressed with improved checks.

CVE-2024-54491 [LOW] CVE-2024-54491: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54491 Component: Logging Impact: A malicious application may be able to determine a user's current location Description: The issue was resolved by sanitizing logging

CVE-2024-54493 [LOW] CVE-2024-54493: macOS Sequoia 15.2 Apple Security Update: About the security content of macOS Sequoia 15.2 Product: macOS Sequoia Version: 15.2 CVE: CVE-2024-54493 Component: Shortcuts Impact: Privacy indicators for microphone access may be attributed incorrectly Description: This issue was addressed through improved state management.

CVE-2024-38476 [CRITICAL] CVE-2024-38476: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-38476 Component: CVE-2024-38476

CVE-2024-44242 [CRITICAL] CVE-2024-44242: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44242 Component: IOMobileFrameBuffer Impact: An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware Description: The issue was addressed with improved bounds checks.