CVE-2024-23245
EUVD-2024-2076408.03.2024, 02:15
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| apple | macos | 12.0 ≤ 𝑥 < 12.7.4 |
| apple | macos | 13.0 ≤ 𝑥 < 13.6.5 |
| apple | macos | 14.0 ≤ 𝑥 < 14.4 |
𝑥
= Vulnerable software versions
References