Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.07%
20.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Apple macOS <13.7.2 | |
| Apple | Apple macOS <14.7.2 | |
| Apple | Apple macOS <15.2 |
Timeline
- Dec 11, 2024 CVE Published
- Jan 27, 2025 Coalition ESS Score
- Jan 27, 2025 PoC Published
- Jan 28, 2025 EPSS Score
- Jan 28, 2025 Coalition ESS Score
- Feb 12, 2025 EPSS Score
- Feb 18, 2025 PoC Published
- Feb 22, 2025 Coalition ESS Score
- Feb 26, 2025 EPSS Score
- Mar 13, 2025 EPSS Score
- Mar 19, 2025 Coalition ESS Score
- Mar 27, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3692.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3692 advisory
- https://lists.apple.com/archives/security-announce/2024/Dec/msg00002.html advisory
- https://lists.apple.com/archives/security-announce/2024/Dec/msg00003.html advisory
- https://lists.apple.com/archives/security-announce/2024/Dec/msg00004.html advisory
- https://jhftss.github.io/CVE-2024-54527-MediaLibraryService-Full-TCC-Bypass/ advisory
- https://cybersecuritynews.com/macos-sandbox-vulnerability-cve-2024-54498-poc-exploit-released/ exploit
- https://github.com/koreacsl/SysBumps advisory