- Description
- This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to leak a user's credentials.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
CVE-2024-54471 This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to … https://t.co/m7DBol4vrI
@CVEnew
12 Dec 2024
203 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The CVE record for CVE-2024-54471 currently appears to only indicate it being fixed in macOS Sonoma 14.7.1, and macOS Ventura 13.7.1. To be clear, as per Apple's own advisories, it was also fixed in macOS Sequoia 15.1. I've been told an update to the record is being worked on.
@wtsdev
12 Dec 2024
168 Impressions
0 Retweets
2 Likes
0 Bookmarks
2 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012",
"versionEndExcluding": "13.7.1"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE",
"versionEndExcluding": "14.7.1",
"versionStartIncluding": "14.0"
}
],
"operator": "OR"
}
]
}
]