CVE-2024-54537
Published: 27 January 2025
Description
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to read and write files outside of its sandbox.
Security Summary
CVE-2024-54537 is a sandbox escape vulnerability affecting macOS systems, where a malicious app can read and write files outside of its designated sandbox. The issue impacts macOS versions prior to Sequoia 15.2, Sonoma 14.7.2, and Ventura 13.7.2. It was addressed by Apple through additional entitlement checks to enforce proper sandbox boundaries.
The vulnerability has a CVSS v3.1 base score of 8.2 (High), with local attack vector (AV:L), low attack complexity (AC:L), no privileges required (PR:N), and user interaction required (UI:R). A local attacker can exploit it by tricking a user into running a malicious app, achieving high confidentiality and integrity impacts (C:H/I:H) with changed scope (S:C) but no availability impact (A:N). Successful exploitation allows the app to access and modify sensitive files beyond its sandbox restrictions.
Apple's security advisories confirm the fix in macOS Sequoia 15.2, Sonoma 14.7.2, and Ventura 13.7.2 via enhanced entitlement checks. The updates are detailed in Apple's support documents at https://support.apple.com/en-us/121839, https://support.apple.com/en-us/121840, and https://support.apple.com/en-us/121842, which recommend prompt patching of affected systems.
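As an added example, not part of this record or of Apple's advisory, the POSIX shell check below compares a macOS productVersion string against the three fixed releases named above so an administrator can confirm whether a host still needs the update. The function name and exit codes are my own choice, and it assumes any major release after 15 also carries the fix.

```shell
#!/bin/sh
# Added example (not Apple's code): is the CVE-2024-54537 fix present?
# Fixed releases per the advisory: macOS 15.2, 14.7.2 and 13.7.2.
# Exit status: 0 = fix present, 1 = fix missing (update needed),
#              2 = version string malformed or major line not covered
#                  by the advisory (e.g. macOS 12 and earlier).
cve_2024_54537_status() {
    v=$1
    case $v in
        ''|*[!0-9.]*) return 2 ;;          # reject anything but digits and dots
    esac
    major=${v%%.*}
    rest=${v#"$major"}; rest=${rest#.}
    minor=${rest%%.*}; [ -z "$minor" ] && minor=0
    rest=${rest#"$minor"}; rest=${rest#.}
    patch=${rest%%.*}; [ -z "$patch" ] && patch=0

    # First fixed minor/patch for each supported major line.
    case $major in
        15) fmin=2; fpat=0 ;;
        14) fmin=7; fpat=2 ;;
        13) fmin=7; fpat=2 ;;
        *)  [ "$major" -gt 15 ] && return 0   # assumption: later majors are fixed
            return 2 ;;
    esac
    if [ "$minor" -gt "$fmin" ] || { [ "$minor" -eq "$fmin" ] && [ "$patch" -ge "$fpat" ]; }; then
        return 0
    fi
    return 1
}

# Report on the local machine when run on macOS (sw_vers is Apple's tool).
if command -v sw_vers >/dev/null 2>&1; then
    ver=$(sw_vers -productVersion)
    cve_2024_54537_status "$ver"
    case $? in
        0) echo "macOS $ver: CVE-2024-54537 fix present" ;;
        1) echo "macOS $ver: CVE-2024-54537 fix MISSING, update required" ;;
        *) echo "macOS $ver: not covered by the advisory, check Apple support" ;;
    esac
fi
```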
Details
- CWE(s)