- Description
- A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to break out of its sandbox.
- Source
- product-security@apple.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 6
- Exploitability score
- 2
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
3
PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498) #JustUnsecure #AFrihackbox https://t.co/BHrxE0azQG
@afrihackbox
13 Jan 2025
44 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
macOSの脆弱性CVE-2024-54498により、アプリケーションがサンドボックスを突破し、ユーザーのデータへ不正アクセス可能となる。研究者がPoC(概念実証コード)を公開し、脆弱性は共有ファイルリストプロセスを悪用する手法が確認された。 https://t.co/gtjPj9IFlt
@01ra66it
13 Jan 2025
182 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-54498: Exploit Code Released for macOS Flaw #CVE-2024-54498 #macOS #ExploitCode https://t.co/LwPRaV86v3
@pravin_karthik
13 Jan 2025
18 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical macOS Sandbox Vulnerability (CVE-2024-54498) PoC Exploit Released Online https://t.co/BuV3a1HSeP
@SecurityAid
13 Jan 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
macOS Sandbox Güvenliğini Aşan Kritik Açık: CVE-2024-54498 https://t.co/qcXbBGQQwV
@cyberwebeyeos
13 Jan 2025
11 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security https://t.co/yKcFCvXH2f
@Dinosn
13 Jan 2025
2813 Impressions
15 Retweets
38 Likes
16 Bookmarks
0 Replies
0 Quotes
macOSにおけるサンドボックス迂回脆弱性CVE-2024-54498に対応するPoC(攻撃の概念実証コード)が公表された。 https://t.co/FHS2CIzULY
@__kokumoto
13 Jan 2025
922 Impressions
0 Retweets
12 Likes
1 Bookmark
0 Replies
0 Quotes
New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security Researcher has revealed a #PoC exploit for CVE-2024-54498, a flaw that allows applications to escape the confines of the #macOS #Sandbox https://t.co/JgZFYNexEG
@the_yellow_fall
13 Jan 2025
1331 Impressions
12 Retweets
31 Likes
3 Bookmarks
0 Replies
0 Quotes
Jailbreak news of the week: Apple’s ACE3 USB-C Controller pwned, CVE-2024-54498 PoC, RootHide updates, & more… https://t.co/yP3ex3RrNP
@iDownloadBlog
12 Jan 2025
2862 Impressions
0 Retweets
10 Likes
2 Bookmarks
1 Reply
1 Quote
GitHub - wh1te4ever/CVE-2024-54498-PoC: Escape macOS Sandbox using sharedfilelistd exploit https://t.co/Wl2egAwbQt
@akaclandestine
11 Jan 2025
1052 Impressions
5 Retweets
13 Likes
2 Bookmarks
0 Replies
0 Quotes
From our Blog- PoC published for CVE-2024-54498 macOS sandbox escape patched in macOS Sequoia 15.2 Apple device security nerds, unless they've been living under a rock, have probably heard about CVE-2024-54498, or perhaps be ... https://t.co/B18KILxfWR https://t.co/IV3lxAlhIx
@MidAtlConsult
9 Jan 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC published for CVE-2024-54498 macOS sandbox escape patched in macOS Sequoia 15.2 https://t.co/oRNxRc0JuO
@iDownloadBlog
9 Jan 2025
2016 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-54498 A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able… https://t.co/QlKb8gjM8d
@CVEnew
12 Dec 2024
253 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E37694D-5783-4112-B372-5915C231512F",
"versionEndExcluding": "13.7.2"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "617CA14A-5EA4-4112-A564-DB1A5109A066",
"versionEndExcluding": "14.7.2",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D",
"versionEndExcluding": "15.2",
"versionStartIncluding": "15.0"
}
],
"operator": "OR"
}
]
}
]