Permissions Inheritance Vulnerability in Xcode by Apple
CVE-2024-44228
7.5HIGH
Summary
The vulnerability involves inadequate permission checks within Xcode that may allow a malicious app to inherit the permissions of Xcode itself. This could potentially grant unauthorized access to sensitive user data. The issue has been addressed in Xcode 16 with improved permissions verification mechanisms to ensure user data remains protected. Users are advised to update to the latest version to safeguard against this vulnerability.
Affected Version(s)
Xcode < 16
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published