CVE-2024-54463

MEDIUM

macOS < 15.0 - Unauthorized Access to Removable Volumes

Title source: llm

Description

This issue was addressed with improved entitlements. This issue is fixed in macOS Sequoia 15. An app may be able to access removable volumes without user consent.

References (1)

Core 1

Core References

Release Notes, Vendor Advisory

https://support.apple.com/en-us/121238

Scores

CVSS v3 5.5

EPSS 0.0017

EPSS Percentile 37.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (2)

Apple/macOS < 15

apple/macos < 15.0

Published Mar 10, 2025

Tracked Since Feb 18, 2026