CVE-2024-44280
Description
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to modify protected parts of the file system.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.082
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in Mac OS - Ventura 13.7.1 (Software Update) - AutoReboot | Mac |
| Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.7.1 (Software Update) - AutoReboot (Deployment-Only) | Mac |
| Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.7.1 (Software Update) for MacOS 14.3.1 - AutoReboot | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-611601 | Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only) |
| PATCH-609043 | Mac OS - Sonoma 14.7.1 (Software Update) - AutoReboot (Deployment-Only) |
| PATCH-612607 | Mac OS - Sonoma 14.8.2 (Software Update)(Auto Reboot) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234