CVE-2024-54498

Published Dec 12, 2024

Last updated 2 months ago

CVSS high 8.8

Overview

Description
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to break out of its sandbox.
Source
product-security@apple.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
6
Exploitability score
2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. #Vulnerability #CVE202454498 New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security https://t.co/4NQKL8HuoZ

    @Komodosec

    4 Feb 2025

    138 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. macOS のサンドボックス回避の脆弱性 CVE-2024-54498:PoC が提供 https://t.co/U3QAz9W3Te macOS の Sandbox エスケープの脆弱性が FIX しました。ご利用のユーザーさんは、ご注意ください。このところ、macOS のセキュリティ・インフラに、脆弱性が多発しているように思えます。 #Apple… https://t.co/M4UHQscbh2

    @iototsecnews

    21 Jan 2025

    108 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. به تازگی برای macOS sandbox آسیب پذیری با کد شناساییCVE-2024-54498منتشر شده است.نمره این آسیب پذیری8.8بوده ونسخه های macOS Sequoia 15.2وmacOS Ventur 13.7.2 و macOS Sonoma 14.7.2دارای این آسیب پذیری می باشند. برای پیشگیری و مقابله بااین تهدیدسیستم های مک خودرابه روز رسانی نمایید.

    @cybernetic_cy

    15 Jan 2025

    104 Impressions

    2 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. به تازگی برای macOS sandbox آسیب پذیری با کد شناسایی CVE-2024-54498 منتشر شده است. نمره این آسیب پذیری 8.8 بوده و نسخه های macOS Sequoia 15.2 و macOS Ventura 13.7.2 و macOS Sonoma 14.7.2 دارای این آسیب پذیری می باشند. https://t.co/Poz3aKYxT1 https://t.co/o7tHoBZqIT

    @AmirHossein_sec

    14 Jan 2025

    31 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Threat Alert: PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498) CVE-2024-54498 Severity: 🔴 High Maturity: 🧨 Trending Learn more: https://t.co/Zq8WoiVftD #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    14 Jan 2025

    52 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. GitHub - wh1te4ever/CVE-2024-54498-PoC: Escape macOS Sandbox using sharedfilelistd exploit - https://t.co/neYlhon7ct

    @piedpiper1616

    13 Jan 2025

    1447 Impressions

    9 Retweets

    20 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  7. #exploit 1. CVE-2024-49114: Windows Cloud Files Mini Filter Driver EoP https://t.co/5admouMK8A 2. Exploiting SSTI in a Spring Boot 3.3.4 https://t.co/0ghJIQB0cJ 3. CVE-2024-54498: Escape macOS Sandbox using sharedfilelistd exploit https://t.co/zhdbiYcNZG

    @ksg93rd

    13 Jan 2025

    139 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. A critical macOS vulnerability (CVE-2024-54498) has seen a proof-of-concept exploit released, allowing apps to bypass sandbox protections. High risk of data theft! Updates available for affected systems. ☠️🔒 #macOS #CVE2024 #CybersecurityNews link: https://t.co/i08MjjIONC https

    @TweetThreatNews

    13 Jan 2025

    14 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Warning: High severity vulnerability in @Apple #macOS. #CVE-2024-54498 CVSS: 8.8. This vulnerability can lead to apps breaking out of their sandbox. More info: https://t.co/w7uLcxMObr & https://t.co/xMIxClufT8 #Patch #Patch #Patch

    @CCBalert

    13 Jan 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498) #JustUnsecure #AFrihackbox https://t.co/BHrxE0azQG

    @afrihackbox

    13 Jan 2025

    70 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. macOSの脆弱性CVE-2024-54498により、アプリケーションがサンドボックスを突破し、ユーザーのデータへ不正アクセス可能となる。研究者がPoC(概念実証コード)を公開し、脆弱性は共有ファイルリストプロセスを悪用する手法が確認された。 https://t.co/gtjPj9IFlt

    @01ra66it

    13 Jan 2025

    182 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  12. CVE-2024-54498: Exploit Code Released for macOS Flaw #CVE-2024-54498 #macOS #ExploitCode https://t.co/LwPRaV86v3

    @pravin_karthik

    13 Jan 2025

    32 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Critical macOS Sandbox Vulnerability (CVE-2024-54498) PoC Exploit Released Online https://t.co/BuV3a1HSeP

    @SecurityAid

    13 Jan 2025

    38 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  14. macOS Sandbox Güvenliğini Aşan Kritik Açık: CVE-2024-54498 https://t.co/qcXbBGQQwV

    @cyberwebeyeos

    13 Jan 2025

    18 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  15. New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security https://t.co/yKcFCvXH2f

    @Dinosn

    13 Jan 2025

    5129 Impressions

    29 Retweets

    83 Likes

    28 Bookmarks

    0 Replies

    0 Quotes

  16. macOSにおけるサンドボックス迂回脆弱性CVE-2024-54498に対応するPoC(攻撃の概念実証コード)が公表された。 https://t.co/FHS2CIzULY

    @__kokumoto

    13 Jan 2025

    1113 Impressions

    0 Retweets

    13 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  17. New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security Researcher has revealed a #PoC exploit for CVE-2024-54498, a flaw that allows applications to escape the confines of the #macOS #Sandbox https://t.co/JgZFYNexEG

    @the_yellow_fall

    13 Jan 2025

    2560 Impressions

    27 Retweets

    52 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  18. Jailbreak news of the week: Apple’s ACE3 USB-C Controller pwned, CVE-2024-54498 PoC, RootHide updates, & more… https://t.co/yP3ex3RrNP

    @iDownloadBlog

    12 Jan 2025

    2862 Impressions

    0 Retweets

    10 Likes

    2 Bookmarks

    1 Reply

    1 Quote

  19. GitHub - wh1te4ever/CVE-2024-54498-PoC: Escape macOS Sandbox using sharedfilelistd exploit https://t.co/Wl2egAwbQt

    @akaclandestine

    11 Jan 2025

    1052 Impressions

    5 Retweets

    13 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  20. From our Blog- PoC published for CVE-2024-54498 macOS sandbox escape patched in macOS Sequoia 15.2 Apple device security nerds, unless they've been living under a rock, have probably heard about CVE-2024-54498, or perhaps be ... https://t.co/B18KILxfWR https://t.co/IV3lxAlhIx

    @MidAtlConsult

    9 Jan 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. PoC published for CVE-2024-54498 macOS sandbox escape patched in macOS Sequoia 15.2 https://t.co/oRNxRc0JuO

    @iDownloadBlog

    9 Jan 2025

    2016 Impressions

    2 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. CVE-2024-54498 A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able… https://t.co/QlKb8gjM8d

    @CVEnew

    12 Dec 2024

    253 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References