Overview
- Description
- This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15. On MDM managed devices, an app may be able to bypass certain Privacy preferences.
- Source
- product-security@apple.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2024-44133
@transilienceai
4 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-44133
@transilienceai
30 Oct 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-44133
@transilienceai
29 Oct 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Microsoft urges macOS users to update due to CVE-2024-44133, a vulnerability patched in September that could allow Adloader malware to access a device's camera, microphone, and location. #Cybersecurity #macOS #Privacy https://t.co/Qvb5RSNOhI https://t.co/25MQNnp0Ng
@JoshMoulin
28 Oct 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️REPORT: New #Apple #macOS vulnerability allows unauthorized data access https://t.co/Z4Ftb1GIrt CVE-2024-44133, CVSS Score 5.5 could allow a malicious actor to evade the OS’s TCC technology, providing the attacker with unauthorized access via Security Magazine #CyberSecurity ht
@SecTicks
27 Oct 2024
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛠️🏄 Introducing Introducing HM-Surf Evaluator by @yo_yo_yo_jbo - to assess macOS browsers for CVE-2024-44133 vulnerability. 🚀 What does it do?: - Tests how susceptible your macOS browsers are to unauthorized data access exploits. - Provides an HTML demo that attempts to… htt
@IntCyberDigest
25 Oct 2024
87 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
دوستان MacOS باز سریع بروزرسانی کنید! مایکروسافت هشدار داده که آسیبپذیری متوسط "HM Surf" میتونه به هکر اجازه بده به دادههای حساس کاربر دسترسی پیدا کنه. این نقص با عنوان CVE-2024-44133 شناسایی شده و میتونه به اطلاعاتی مانند صفحات مرورگر، دوربین و مکان دستگاه دسترسی داشته باشه
@farajimahdi
23 Oct 2024
114 Impressions
0 Retweets
7 Likes
0 Bookmarks
1 Reply
0 Quotes
A exploração da vulnerabilidade CVE-2024-44133 no macOS pode estar relacionada ao malware Adloader. https://t.co/hpS3XHvVLH https://t.co/oRaaZiVT3z
@DMZCast
22 Oct 2024
27 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
HackRead: RT @HackRead: 🚨 Microsoft discovered a #macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthori…
@MrsYisWhy
22 Oct 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-44133: Microsoft Uncovers macOS Security Hole in TCC Framework https://t.co/rHH7KMJaYy
@the_yellow_fall
22 Oct 2024
264 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
New macOS Vulnerability: Researchers at Microsoft discovered a new macOS vulnerability called "HM Surf" (CVE-2024-44133), which bypasses TCC protections, allowing unauthorized access to sensitive data like the camera and microphone. #MacOS #vulnerability #DarkWeb #DarkWebNews ht
@darkwebinsight
22 Oct 2024
198 Impressions
0 Retweets
4 Likes
2 Bookmarks
0 Replies
1 Quote
#exploit 1. CVE-2024-44133: Privacy Controls Bypasses in Safari (+ "HM-Surf" evaluator) https://t.co/hmtWNvAm0T 2. CVE-2024-27983: HTTP2 Node.js server DoS https://t.co/tbe7oV3vkJ
@ksg93rd
20 Oct 2024
173 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit #CyberSecurity 1. CVE-2024-44133: Privacy Controls Bypasses in Safari (+ "HM-Surf" evaluator) https://t.co/mIejpGFopB 2. CVE-2024-27983: HTTP2 Node.js server DoS https://t.co/032awWZQg1
@ShaiiikShoaiiib
20 Oct 2024
44 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Attention macOS users! A newly discovered vulnerability can bypass Safari's privacy controls, putting your data at risk. Microsoft has revealed this flaw, tracked as CVE-2024-44133. Stay safe—update your system now! 🔒👉 https://t.co/VKxZHAMJ7u
@StackZeroSec
20 Oct 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The issue, tracked as CVE-2024-44133, allows attackers to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and access user data. Apple addressed the bug in macOS Sequoia 15 in mid-September by removing the ... To read more, click link in bio htt
@Inventrium
20 Oct 2024
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
AppleのmacOSに重大な脆弱性「HM Surf」が発見されました。この問題により、ユーザーの同意なしにカメラやマイクにアクセスされる可能性があります。 #macOS脆弱性 #HMSurf CVE-2024-44133 https://t.co/CwTLuIBUXZ
@innovaTopia_JP
72 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أعلنت مايكروسوفت عن ثغرة أمنية في إطار الشفافية والموافقة والتحكم (TCC) في macOS، تُعرف بـ HM Surf، والتي تم استغلالها لتجاوز تفضيلات الخصوصية والوصول إلى البيانات. تم معالجة الثغرة، المسجلة كـ CVE-2024-44133، في تحديث macOS Sequoia 15 من قبل آبل. #الامن_السيبراني https://t.c
@cyberetweet
51 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Safari Surprise: Mac Users Unwittingly Invite Spies with CVE-2024-44133 Vulnerability! Hot Take: Apple's Safari has managed to pull a Houdini on macOS users by giving sneaky apps the keys to the kingdom, all while the TCC security layer was napping. Meanwhile, cyber villains… h
@TheNimbleNerd
40 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Yeni keşfedilen bir macOS güvenlik açığı, "HM Surf", saldırganların Transparency, Consent, and Control (TCC) teknolojisini atlatarak korunan verilere yetkisiz erişim sağlamasına olanak tanır. Bu güvenlik açığı, CVE-2024-44133 olarak tanımlanmıştır. https://t.co/SE2qAYYahN
@cyberinlab
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
اكتشفت مايكروسوفت ثغرة على نظام الماك كانت من ضمن الثغرات الامنية التي اغلقتها ابل في نظام ماك ساكويا ثغرة " CVE-2024-44133 " باسم HM Surf التي تسمح بازالة حماية TCC في سفاري .. وهي تمكن المخترق من الوصول غير المصرح به لسجل الزيارة والكاميرا وغيرها .. تم اغلاق الثغرة في اصدار…
@mr_thamer
3984 Impressions
3 Retweets
7 Likes
1 Bookmark
0 Replies
0 Quotes
🛑 Microsoft discovered a serious security flaw (CVE-2024-44133) in #Apple’s macOS TCC framework that could bypass user consent for sensitive data access like your location, camera, or microphone! Learn more: https://t.co/Cj6WQgWs8g... https://t.co/Fe4zboxnaq
@IT_news_for_all
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
macOSで同意なくカメラとマイクを使用できる脆弱性"HM Surf" (CVE-2024-44133)のPoC(攻撃の概念実証コード)が公開された。AppleのTransparency, Consent, and Control (TCC)機構を回避するもの。Safariディレクトリ内の設定ファイル変更により既定の動作を変更可能だった。 https://t.co/MfN0vukAKW
@__kokumoto
2766 Impressions
19 Retweets
49 Likes
17 Bookmarks
0 Replies
0 Quotes
🚨 New #macOS vulnerability, CVE-2024-44133, lets attackers bypass Safari privacy settings & access sensitive data! Patch up with macOS Sequoia 15 & stay secure. Don't let intruders peek into your digital life! 🛡️ #CyberSecurity #TechNews #MacOS https://t.co/MSiAawjIDZ
@HexcladSecurity
40 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
HM Surf (CVE-2024-44133): macOS Flaw Exposing Cameras and Microphones to Hackers, #PoC Published Learn about CVE-2024-44133, a serious vulnerability in #macOS that bypasses Apple's #TCC technology, potentially exposing sensitive user data https://t.co/ADtDQ03uM8
@the_yellow_fall
83 Impressions
2 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8017C16-A17E-4AE7-9A0B-1295200A3A45",
"versionEndExcluding": "15.0"
}
],
"operator": "OR"
}
]
}
]