Resource management error in macOS - CVE-2024-54530
Published: March 18, 2025 / Updated: March 18, 2025
Vulnerability identifier: #VU105821
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-54530
CWE-ID: CWE-399
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Apple Inc.
Affected software:
macOS
macOS
Detailed vulnerability description
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to Passkeys may fill in passwords after failing authentication. An attacker with physical access to the system can obtain user's password after unsuccessful authentication.
How to mitigate CVE-2024-54530
Install updates from vendor's website.