Main Vulnerability Database Vulnerabilities #VU105911

Protection mechanism failure in macOS - CVE-2024-54564

Published: March 21, 2025

Vulnerability identifier: #VU105911

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2024-54564

CWE-ID: CWE-693

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Apple Inc.

Affected software:
macOS

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures. A file received from AirDrop may not have the quarantine flag applied. This can help an attacker into tricking the victim to execute the file, as it will appear as safe for execution.

How to mitigate CVE-2024-54564

Install updates from vendor's website.

Sources

https://support.apple.com/en-us/120911

Protection mechanism failure in macOS - CVE-2024-54564

Detailed vulnerability description

How to mitigate CVE-2024-54564

Sources

Please verify you're human