CVE-2024-42219

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 6, 2024
Updated: Aug 12, 2024
CWE ID 1289

Summary

CVE-2024-42219 is a vulnerability affecting 1Password 8 versions prior to 8.10.36 on macOS. This issue stems from insufficient validation in XPC inter-process communication, enabling local attackers to exfiltrate sensitive vault data. Successful exploitation of this vulnerability could result in the loss of passwords, encryption keys, and other confidential information, posing a significant risk to users. It is strongly recommended that affected users upgrade to the latest version of 1Password to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share