Permissions, Privileges, and Access Controls in macOS - CVE-2024-44141

 

Permissions, Privileges, and Access Controls in macOS - CVE-2024-44141

Published: October 16, 2024


Vulnerability identifier: #VU98740
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-44141
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Apple Inc.
Affected software:
macOS

Detailed vulnerability description

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions in DiskArbitration. An attacker with physical access to the system can execute arbitrary code as root.


How to mitigate CVE-2024-44141

Install updates from vendor's website.

Sources