Logic Flaw in Apple Software Allows Unauthorized App Modifications
CVE-2024-54560
5.5MEDIUM
Key Information:
- Vendor
- Apple
- Vendor
- CVE Published:
- 10 March 2025
Summary
A flaw in several Apple operating systems allows a malicious application to potentially modify other installed applications without the necessary App Management permissions. This logic issue has been addressed in the latest updates for iOS, iPadOS, watchOS, tvOS, and macOS, reinforcing the integrity of app management and security.
Affected Version(s)
iOS and iPadOS < 18
macOS < 15
tvOS < 18
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved