Symlink Validation Flaw in Apple's macOS Sequoia Affects Sensitive User Data

CVE-2024-44211

Currently unrated 🤨

Key Information

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 20 December 2024

Summary

CVE-2024-44211 is a high-risk vulnerability affecting Apple's macOS Sequoia 15.1 that arises from inadequate validation of symbolic links (symlinks). This security flaw could potentially allow malicious applications to gain unauthorized access to sensitive user data, posing a significant risk to user privacy and data integrity. Apple has addressed this vulnerability through improved symlink validation measures in the latest software update.

Affected Version(s)

macOS < 15.1

References

https://support.apple.com/en-us/121564

Timeline

Vulnerability published
Dec 20, 2024
Vulnerability Reserved
Aug 20, 2024

Collectors

NVD DatabaseMitre Database