CVE-2024-40827

EUVD-2024-38665
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to overwrite arbitrary files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
Affected Products (NVD)
VendorProductVersion
applemacos
𝑥
< 12.7.6
applemacos
13.0 ≤
𝑥
< 13.6.8
applemacos
14.0 ≤
𝑥
< 14.6
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/120910
https://support.apple.com/en-us/120911
https://support.apple.com/en-us/120912
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/19
http://seclists.org/fulldisclosure/2024/Jul/20
https://support.apple.com/en-us/HT214118
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214120
https://support.apple.com/kb/HT214118
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214120