macOS Ventura 13.7.1, macOS Sonoma 14.7.1 Fix Sandbox Bypass Issue

CVE-2024-44256

8.6HIGH

Key Information

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 28 October 2024

Summary

The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to break out of its sandbox.

Affected Version(s)

macOS < 14.7

macOS < 13.7

References

https://support.apple.com/en-us/121570

https://support.apple.com/en-us/121568

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 28, 2024

Collectors

NVD DatabaseMitre Database