Data Exposure Vulnerability in Apple macOS Products
CVE-2024-23224

5.5MEDIUM

Key Information:

Vendor: Apple
Status: macOS
Vendor: CVE Published:; 23 January 2024

Summary

An issue exists in macOS that may allow an application to access sensitive user data due to insufficient checks in place. This vulnerability has been addressed in the latest security updates, specifically in macOS Sonoma 14.3 and macOS Ventura 13.6.4, enhancing the protection of user information against unauthorized access.

Affected Version(s)

macOS < 13.6

macOS < 14.3

References

https://support.apple.com/en-us/HT214058

https://support.apple.com/en-us/HT214061

http://seclists.org/fulldisclosure/2024/Jan/36

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 23, 2024
Vulnerability Reserved
Jan 12, 2024