Main Vulnerability Database Vulnerabilities #VU99399

#VU99399 Security features bypass in macOS - CVE-2024-44278

Published: October 28, 2024

Vulnerability identifier: #VU99399

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-44278

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper checks in Siri. An local application can access sensitive user data in system logs.

Install updates from vendor's website.