Arbitrary Code Execution Vulnerability in macOS Sonoma 14.5
CVE-2024-27842

7.8HIGH

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 14 May 2024

🔔 Create Apple Vulnerability Alert

Badges

📰 News Worthy

What is CVE-2024-27842?

The CVE-2024-27842 vulnerability is an arbitrary code execution vulnerability in macOS Sonoma 14.5, which allows an app to execute arbitrary code with kernel privileges. The issue has been fixed by Apple with improved checks in macOS Sonoma 14.5. There have been no known exploitations of this vulnerability in the wild, and it is not linked to any ransomware groups.

Affected Version(s)

macOS < 14.5

News Articles

Libero Tecnologia

Aggiornate subito i MacBook: c'è un bug pericolosissimo

Una nuova vulnerabilità colpisce i Mac e i MacBook con sistema operativo non aggiornato: un hacker può prendere il controllo completo del computer.

thmubnail image

Apple macOS non è sicuro. Aggiornare immediatamente per evitare potenziali attacchi

Una grave falla di sicurezza informatica è stata rilevata all'interno del sistema operativo di Apple Mac OS.

thmubnail image

CVE-2024-27842: macOS 14 больше не является безопасной

Ваше ядро впадёт в панику от одной лишь мысли об эксплойте к новой уязвимости.

thmubnail image

References

https://support.apple.com/en-us/HT214106

https://support.apple.com/kb/HT214106

http://seclists.org/fulldisclosure/2024/May/12

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by prophaze.com
May 14, 2024
Vulnerability published
May 14, 2024
Vulnerability Reserved
Feb 26, 2024

.

CVE-2024-27842 : Arbitrary Code Execution Vulnerability in macOS Sonoma 14.5