CVE-2024-44195

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-44195
A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to read arbitrary files.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.apple.com/en-us/121564 Vendor Advisory
http://seclists.org/fulldisclosure/2024/Oct/11
Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:macos:15.0:*:*:*:*:*:*:*
History

03 Nov 2025, 22:18

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Oct/11 -

23 Jan 2025, 20:38

Type Values Removed Values Added
CPE cpe:2.3:o:apple:macos:15.0:*:*:*:*:*:*:*
References () https://support.apple.com/en-us/121564 - () https://support.apple.com/en-us/121564 - Vendor Advisory
Summary
  • (es) Se solucionó un problema de lógica mejorando la validación. Este problema se solucionó en macOS Sequoia 15.1. Es posible que una aplicación pueda leer archivos arbitrarios.
First Time Apple
Apple macos
CWE NVD-CWE-noinfo

20 Dec 2024, 17:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
CWE CWE-22

20 Dec 2024, 04:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-12-20 04:15

Updated : 2025-11-03 22:18

NVD link : CVE-2024-44195

Mitre link : CVE-2024-44195

CVE.ORG link : CVE-2024-44195

JSON object : View

Products Affected

apple

  • macos
CWE
NVD-CWE-noinfo CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')