Physical Access Vulnerability in Apple macOS Sequoia Products
CVE-2024-44286

7.5HIGH

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 2 April 2026

What is CVE-2024-44286?

A security issue exists within Apple's macOS Sequoia products where an attacker with physical access to a locked device can input keyboard events to running applications. This vulnerability highlights the importance of securing devices, even when they appear to be locked, as it can allow unauthorized access to sensitive information or functionalities within installed applications. The issue has been addressed in macOS Sequoia version 15.1 with improvements in state management to mitigate this risk.

Affected Version(s)

macOS 0 < 15.1

References

https://support.apple.com/en-us/121564

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2026
Vulnerability Reserved
Aug 20, 2024

CVE-2024-44286 Data

JSON