CVE-2024-27798: Input Validation
Published May 13, 2024
·Updated
An authorization issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An attacker may be able to elevate privileges.
Credit
Yann GASCUEL(Alter Solutions), an anonymous researcher, Pr(Bar), Pr(Hebrew University), EP, an anonymous researcher(Concentrix), 凯 王(Concentrix), Steven Maser(Concentrix), Matthew McLean(Concentrix), Brandon Chesser(Concentrix), CPU IT inc(Concentrix), (Concentrix), Avalon IT Team(Concentrix), LFY@@secsys(Fudan University), Daniel Zajork, Joshua Zajork, Meysam Firouzi@@R00tkitsmm(Trend Micro Zero Day Initiative), Mickey Jin@@patch1t, Pedro Tôrres@@t0rr3sp3dr0, CVE-2024-23296, CVE-2024-27806, ajajfxhj, Kirin@@Pwnrin, 小来来@@Smi1eSEC, pattern-f@@pattern_F_(Ant Security Light), Amir Bazine(CrowdStrike Counter Adversary Operations), Karsten König(CrowdStrike Counter Adversary Operations), Joshua Jewett@@JoshJewett33, Ron Masas(Imperva), CertiK SkyFall Team, Junsung Lee(Trend Micro Zero Day Initiative), an anonymous researcher(MIT CSAIL), (MIT CSAIL), Joseph Ravichandran@@0xjprx(MIT CSAIL), Nick Wellnhofer, Gil Pedersen, Dohyun Lee@@l33d0hyun, Michael DePlante@@izobashi(Trend Micro Zero Day Initiative), Scott Johnson(RIPEDA Consulting), Mykola Grymalyuk(RIPEDA Consulting), Jordy Witteman, Carlos Polop, Narendra Bhati(Suma Soft Pvt), Shaheen Fazim, Csaba Fitzl@@theevilbit(Kandji), LFY@@secsys, yulige, Snoolie Keffaber@@0xilis, Robert Reichel, Maksymilian Motyl(Immunity Systems), Manfred Paul@@_manfp(Trend Micro's Zero Day Initiative), Emilio Cobos(Mozilla), Lukas Bernhard(CISPA Helmholtz Center for Information Security), Nan Wang@@eternalsakura13(360 Vulnerability Research Institute), Joe Rutkowski@@Joe12387(Crawless), @@abrahamjuliot, Jeff Johnson(underpassapp), Pwn2car(Trend Micro's Zero Day Initiative), (Trend Micro's Zero Day Initiative), Michael DePlante@@izobashi(Trend Micro's Zero Day Initiative), Minghao Lin(Baidu Security), (Baidu Security), Ye Zhang@@VAR10CK(Baidu Security), Meysam Firouzi@@R00tkitSMM
Affected Software
6 affected componentsFixes available
Apple macOS<14.5
14.5
macOS<12.7.5
12.7.5
macOS Ventura<13.6.7
13.6.7
macOS>=12.0<12.7.5
macOS>=13.0<13.6.7
macOS>=14.0<14.5
Event History
May 13, 2024
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
Affected Software
Updated
via Apple·12:00 AM
DescriptionAffected Software
CVE Published
via MITRE·11:00 PM
Data Sourced
via MITRE·11:00 PM
DescriptionWeakness
May 14, 2024
Data Sourced
via NVD·03:13 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2024-27798?
CVE-2024-27798 is considered a significant vulnerability due to its potential for privilege escalation.
2
How do I fix CVE-2024-27798?
To fix CVE-2024-27798, update your system to macOS Sonoma 14.5 or one of the patched versions of macOS Monterey or macOS Ventura.
3
What causes the CVE-2024-27798 vulnerability?
CVE-2024-27798 is caused by an authorization issue related to state management within the macOS.
4
What versions of macOS are affected by CVE-2024-27798?
CVE-2024-27798 affects macOS versions before 12.7.5, between 13.0 and 13.6.7, and between 14.0 and 14.5.
5
Can CVE-2024-27798 be exploited remotely?
CVE-2024-27798 primarily requires local access to the machine to exploit the authorization issues.