#VU98740 Permissions, Privileges, and Access Controls in macOS - CVE-2024-44141
Published: October 16, 2024
Vulnerability identifier: #VU98740
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-44141
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
macOS
macOS
Software vendor:
Apple Inc.
Apple Inc.
Description
The vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in DiskArbitration. An attacker with physical access to the system can execute arbitrary code as root.
Remediation
Install updates from vendor's website.