CVE-2024-54520

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 27, 2025

Updated: Jan 28, 2025

CWE ID 787

Summary

CVE-2024-54520 is a newly identified path handling vulnerability that affected older versions of macOS, including Sonoma 14.7 and Sequoia 15.2, as well as macOS Ventura 13.7. This issue allowed applications to overwrite arbitrary files due to insufficient validation. The vulnerability has been rectified in the latest updates to these operating systems, specifically in macOS Sonoma 14.7.2, macOS Sequoia 15.2, and macOS Ventura 13.7.2. Users are strongly recommended to install these updates to mitigate the risk of potential file overwriting attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1NxDGl
https://www.cve.org/CVERecord?id=CVE-2024-54520
https://nvd.nist.gov/vuln/detail/CVE-2024-54520

Back to Vulnerability Database