Main Vulnerability Database Vulnerabilities #VU99390

#VU99390 Security features bypass in macOS - CVE-2024-44137

Published: October 28, 2024

Vulnerability identifier: #VU99390

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-44137

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to improper checks in Screen Capture. An attacker with physical access to device can share items from the lock screen.

Install updates from vendor's website.