The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files.
History

Thu, 12 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo

Tue, 17 Sep 2024 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple visionos
Weaknesses CWE-284
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Apple visionos
Metrics cvssV3_1

{'score': 6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 16 Sep 2024 23:30:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-09-16T23:23:26.697Z

Updated: 2024-09-17T19:14:31.546Z

Reserved: 2024-07-10T17:11:04.698Z

Link: CVE-2024-40825

cve-icon Vulnrichment

Updated: 2024-09-17T18:57:48.463Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-17T00:15:48.597

Modified: 2024-12-12T15:57:15.450

Link: CVE-2024-40825

cve-icon Redhat

No data.