CVE-2024-44153
Published Sep 16, 2024
·Updated
Accounts. The issue was addressed with improved checks.
Credit
Mickey Jin@@patch1t, Bohdan Stasiuk@@Bohdan_Stasiuk, Yiğit Can YILMAZ@@yilmazcanyigit, Pedro Tôrres@@t0rr3sp3dr0, CVE-2024-44130, Kirin@@Pwnrin, Michael DePlante@@izobashi(Trend Micro Zero Day Initiative), Pwn2car(Trend Micro Zero Day Initiative), Claudio Bozzato(Cisco Talos), Francesco Benvenuto(Cisco Talos), Halle Winkler, Politepix@@hallewinkler, Holger Fuhrmannek, Anton Boegler, Snoolie Keffaber@@0xilis, an anonymous researcher, Rodolphe Brunetti@@eisw0lf, CVE-2023-4504, Csaba Fitzl@@theevilbit(Kandji), @@08Tc3wBB(Jamf), Denis Tokarev@@illusionofcha0s, Junsung Lee, dw0r(ZeroPointer Lab working with Trend Micro Zero Day Initiative), Antonio Zekić, Andrew Lytvynov, Alexander Heinrich, SEEMOO, DistriNet, KU Leuven@@vanhoefm, TU Darmstadt@@Sn0wfreeze, Mathy Vanhoef, Jeff Johnson (underpassapp.com), OSS-Fuzz(Google Project Zero), Ned Williamson(Google Project Zero), Rodolphe BRUNETTI@@eisw0lf, Kirin@@Pwnrin(Fudan University), LFY@@secsys(Fudan University), Olivier Levon, CVE-2023-5841, Meng Zhang (鲸落)(NorthSea), ajajfxhj, Brian McNulty(Computer Science), Cristian Dinca(Computer Science), Romania, Vaibhav Prajapati, CVE-2024-39894, Wojciech Regula(SecuRing), Rifa'i Rejal Maynando, Narendra Bhati(Cyber Security at Suma Soft Pvt), Manager(Cyber Security at Suma Soft Pvt), Pune (India), Zhongquan Li@@Guluisacat, Yiğit Can YILMAZ@@yilmazcanyigit(SecuRing), Kirin@@Pwnrin(NorthSea), 냥냥, Vivek Dhar, working as Assistant Sub-Inspector (RM) in Border Security Force (Frontier Headquarter BSF Kashmir), Pedro José Pereira Vieito@@pvieito, luckyu@@uuulucky(NorthSea), Om Kothawade(the UNTHSC College of Pharmacy), Omar A. Alanis(the UNTHSC College of Pharmacy), Bistrit Dahal, Matej Moravec@@MacejkoMoravec, K宝, LFY@@secsys, Smi1e, yulige, Cristian Dinca (icmd.tech), Arsenii Kostromin (0x3c3e), Ron Masas(BreakPoint), Jonathan Bar Or@@yo_yo_yo_jbo(Microsoft), CVE-2024-41957, Narendra Bhati(Cyber Security At Suma Soft Pvt), Manager(Cyber Security At Suma Soft Pvt), Tashita Software Security, Ron Masas, Hafiizh(HakTrak), YoKo Kho@@yokoacc(HakTrak), Tim Michaud@@TimGMichaud(Moveworks), Antonio Zekic@@antoniozekic, ant4g0nist, Charly Suchanek, CVE-2024-44134, Preet Dsouza (Fleming College, Computer Security & Investigations Program), Domien Schepers, Tim Clem, Gergely Kalman@@gergely_kalman, Koh M. Nakagawa@@tsunek0h, CVE-2024-44129
Affected Software
3 affected componentsFixes available
Apple macOS Sequoia<15
15
Apple macOS Sonoma<14.7
14.7
Apple macOS<14.7
Event History
Sep 16, 2024
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
DescriptionWeakness
CVE Published
via MITRE·11:23 PM
Data Sourced
via MITRE·11:23 PM
DescriptionWeakness
Sep 17, 2024
Data Sourced
via NVD·12:15 AM
DescriptionSeverityAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2024-44153?
CVE-2024-44153 is categorized as a high severity vulnerability due to potential unauthorized access to user-sensitive data.
2
How do I fix CVE-2024-44153?
To fix CVE-2024-44153, update your macOS to version 14.7 or later.
3
Which software versions are affected by CVE-2024-44153?
CVE-2024-44153 affects macOS versions prior to 14.7.
4
What types of data can be accessed with CVE-2024-44153?
CVE-2024-44153 may allow apps to access user-sensitive data, which could include personal information.
5
When was CVE-2024-44153 disclosed?
CVE-2024-44153 was disclosed along with the fixes available in macOS Sonoma 14.7 and macOS Sequoia 15.