CVE-2024-27885

MEDIUM

macOS <14.5-13.6.7-12.7.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to modify protected parts of the file system.

Scores

CVSS v3 6.3
EPSS 0.0027
EPSS Percentile 18.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-59
Status published
Products (4)
apple/macos < 12.7.5
Apple/macOS < 12.7.5
Apple/macOS < 13.6.7
Apple/macOS < 14.5
Published Jun 10, 2024
Tracked Since Feb 18, 2026