CVE-2024-54536

Summary

The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables.

Affected Software

VendorProductVersion RangeStatus
ApplemacOS0 < 15.2affected

Weaknesses

  • An app may be able to edit NVRAM variables

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References