CVE-2024-40805 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.1 HIGH	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Affected Products (NVD)

Vendor	Product	Version
apple	ipados	𝑥 < 17.6
apple	iphone_os	𝑥 < 17.6
apple	macos	14.0 ≤ 𝑥 < 14.6
apple	tvos	𝑥 < 17.6
apple	watchos	𝑥 < 10.6

𝑥

= Vulnerable software versions

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
apple	ios	𝑥 < 17.6	ADP
apple	watchos	𝑥 < 10.6	ADP
apple	ipad_os	𝑥 < 17.6	ADP
apple	tvos	𝑥 < 17.6	ADP
apple	macos	14.0 ≤ 𝑥 < 14.6	ADP

Common Weakness Enumeration

CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
CWE-281 - Improper Preservation of Permissions
The software does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

References

https://support.apple.com/en-us/120909

https://support.apple.com/en-us/120911

https://support.apple.com/en-us/120914

https://support.apple.com/en-us/120916

http://seclists.org/fulldisclosure/2024/Jul/16

http://seclists.org/fulldisclosure/2024/Jul/18

http://seclists.org/fulldisclosure/2024/Jul/21

http://seclists.org/fulldisclosure/2024/Jul/22

https://support.apple.com/en-us/HT214117

https://support.apple.com/en-us/HT214119

https://support.apple.com/en-us/HT214122

https://support.apple.com/en-us/HT214124

https://support.apple.com/kb/HT214117

https://support.apple.com/kb/HT214119

https://support.apple.com/kb/HT214122

https://support.apple.com/kb/HT214124