CVE-2024-44129: Infoleak
Published Sep 16, 2024
·Updated
Accounts. The issue was addressed with improved checks.
Credit
CVE-2024-44129, Kirin@@Pwnrin, Stephan Casas, an anonymous researcher, Mickey Jin@@patch1t, Claudio Bozzato(Cisco Talos), Francesco Benvenuto(Cisco Talos), Anton Boegler, Snoolie Keffaber@@0xilis, Csaba Fitzl@@theevilbit(Kandji), Denis Tokarev@@illusionofcha0s, dw0r(ZeroPointer Lab working with Trend Micro Zero Day Initiative), Michael DePlante@@izobashi(Trend Micro Zero Day Initiative), Antonio Zekić, Andrew Lytvynov, Rodolphe BRUNETTI@@eisw0lf, Kirin@@Pwnrin(Fudan University), LFY@@secsys(Fudan University), Olivier Levon, ajajfxhj, Rifa'i Rejal Maynando, Zhongquan Li@@Guluisacat, Kirin@@Pwnrin(NorthSea), luckyu@@uuulucky(NorthSea), Bohdan Stasiuk@@Bohdan_Stasiuk, Yiğit Can YILMAZ@@yilmazcanyigit, Pedro Tôrres@@t0rr3sp3dr0, CVE-2024-44130, Pwn2car(Trend Micro Zero Day Initiative), Halle Winkler, Politepix@@hallewinkler, Holger Fuhrmannek, Rodolphe Brunetti@@eisw0lf, CVE-2023-4504, @@08Tc3wBB(Jamf), Junsung Lee, Alexander Heinrich, SEEMOO, DistriNet, KU Leuven@@vanhoefm, TU Darmstadt@@Sn0wfreeze, Mathy Vanhoef, Jeff Johnson (underpassapp.com), OSS-Fuzz(Google Project Zero), Ned Williamson(Google Project Zero), CVE-2023-5841, Meng Zhang (鲸落)(NorthSea), Brian McNulty(Computer Science), Cristian Dinca(Computer Science), Romania, Vaibhav Prajapati, CVE-2024-39894, Wojciech Regula(SecuRing), Narendra Bhati(Cyber Security at Suma Soft Pvt), Manager(Cyber Security at Suma Soft Pvt), Pune (India), Yiğit Can YILMAZ@@yilmazcanyigit(SecuRing), 냥냥, Vivek Dhar, working as Assistant Sub-Inspector (RM) in Border Security Force (Frontier Headquarter BSF Kashmir), Pedro José Pereira Vieito@@pvieito, Om Kothawade(the UNTHSC College of Pharmacy), Omar A. Alanis(the UNTHSC College of Pharmacy), Bistrit Dahal, Matej Moravec@@MacejkoMoravec, K宝, LFY@@secsys, Smi1e, yulige, Cristian Dinca (icmd.tech), Arsenii Kostromin (0x3c3e), Ron Masas(BreakPoint), Jonathan Bar Or@@yo_yo_yo_jbo(Microsoft), CVE-2024-41957, Narendra Bhati(Cyber Security At Suma Soft Pvt), Manager(Cyber Security At Suma Soft Pvt), Tashita Software Security, Ron Masas, Hafiizh(HakTrak), YoKo Kho@@yokoacc(HakTrak), Tim Michaud@@TimGMichaud(Moveworks), Antonio Zekic@@antoniozekic, ant4g0nist, Charly Suchanek, CVE-2024-44134, Preet Dsouza (Fleming College, Computer Security & Investigations Program), Domien Schepers, Tim Clem, Gergely Kalman@@gergely_kalman, Koh M. Nakagawa@@tsunek0h
Affected Software
3 affected componentsFixes available
macOS<15
15
macOS<13.7
macOS Ventura<13.7
13.7
Event History
Sep 16, 2024
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
CVE Published
via MITRE·11:23 PM
Data Sourced
via MITRE·11:23 PM
DescriptionWeakness
Sep 17, 2024
Data Sourced
via NVD·12:15 AM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2024-44129?
CVE-2024-44129 has a severity rating that suggests it can lead to leakage of sensitive user information.
2
How do I fix CVE-2024-44129?
To fix CVE-2024-44129, update to macOS Ventura 13.7 or macOS Sequoia 15.
3
What type of vulnerability is CVE-2024-44129?
CVE-2024-44129 is a vulnerability related to improper checks that can allow sensitive information leakage.
4
What versions of macOS are affected by CVE-2024-44129?
CVE-2024-44129 affects macOS versions prior to 13.7 and all earlier versions of macOS.
5
Is there a known exploit for CVE-2024-44129?
As of now, there are no publicly known exploits for CVE-2024-44129.