CVE-2024-44123

2.3LOW

Key Information

Vendor: Apple
Status: Mac OS; iOS And iPad OS
Vendor: CVE Published:; 28 October 2024

Summary

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. A malicious app with root privileges may be able to access keyboard input and location information without user consent.

Affected Version(s)

macOS < 15

iOS and iPadOS < 18

CVSS V3.1

Score:

2.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 28, 2024

Collectors

NVD DatabaseMitre Database