CVE-2024-44128

Summary

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An Automator Quick Action workflow may be able to bypass Gatekeeper.

Affected Software

VendorProductVersion RangeStatus
ApplemacOS0 < 13.7affected
ApplemacOS0 < 14.7affected
ApplemacOS0 < 15affected

Weaknesses

  • An Automator Quick Action workflow may be able to bypass Gatekeeper

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References