Apple Fixes Logic Issue to Prevent Root Privileges Escalation
CVE-2024-27822

7.8HIGH

Key Information:

Vendor
Apple
Status
Mac OS
Vendor
CVE Published:
14 May 2024

Badges

πŸ‘Ύ Exploit ExistsπŸ“° News Worthy

Summary

A critical security vulnerability, identified as CVE-2024-27822, has been discovered in macOS, allowing unauthorized root access. The vulnerability affects multiple versions of macOS and has been exploited in the wild. A proof-of-concept exploit code has been released, increasing the risk of exploitation. Apple is actively working on a patch to address the vulnerability and users are advised to update their software as soon as the patch becomes available. The release of the PoC exploit highlights the importance of timely updates and vigilant security practices.

Affected Version(s)

macOS < 14.5

News Articles

favicon imagewww.thehackerwire.com

CVE-2024-27822

We believe that knowledge is the ultimate weapon against cyber threats. By breaking down complex concepts, democratizing technical expertise, and fostering a dialogue around cybersecurity, TheHackerWire...

6 months ago

favicon imageCybersecurityNews

PoC Exploit Released for macOS Root Access Vulnerability

A security vulnerability, identified as CVE-2024-27822, has been discovered in macOS. This vulnerability allows unauthorized root access and has raised serious concerns among cybersecurity experts and macOS users alike.

7 months ago

References

https://support.apple.com/en-us/HT214106
https://support.apple.com/kb/HT214106
http://seclists.org/fulldisclosure/2024/May/12

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by CybersecurityNews

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database2 News Article(s)
.