CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS
Percentile
17.1%
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. An app may be able to bypass Privacy preferences.
seclists.org/fulldisclosure/2024/Jul/16
seclists.org/fulldisclosure/2024/Jul/18
seclists.org/fulldisclosure/2024/Jul/19
seclists.org/fulldisclosure/2024/Jul/20
seclists.org/fulldisclosure/2024/Jul/21
seclists.org/fulldisclosure/2024/Jul/22
support.apple.com/en-us/HT214117
support.apple.com/en-us/HT214118
support.apple.com/en-us/HT214119
support.apple.com/en-us/HT214120
support.apple.com/en-us/HT214122
support.apple.com/en-us/HT214124