CVE-2024-54557

HIGH

macOS <14.7.2-13.7.2 - Info Disclosure

Title source: llm
STIX 2.1

Description

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An attacker may gain access to protected parts of the file system.

References (3)

Core 3
Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/121839
Release Notes, Vendor Advisory
https://support.apple.com/en-us/121840
Release Notes, Vendor Advisory
https://support.apple.com/en-us/121842

Scores

CVSS v3 7.5
EPSS 0.0048
EPSS Percentile 37.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-281
Status published
Products (4)
apple/macos < 13.7.2
Apple/macOS < 13.7.2
Apple/macOS < 14.7.2
Apple/macOS < 15.2
Published Jan 27, 2025
Tracked Since Feb 18, 2026