5.5
MEDIUM
CVE-2024-44243
Apple macOS Sequoia File System Privilege Escalation
Description

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2. An app may be able to modify protected parts of the file system.

INFO

Published Date :

Dec. 12, 2024, 2:15 a.m.

Last Modified :

Dec. 20, 2024, 7:15 p.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

3.6

Exploitability Score :

1.8
Affected Products

The following products are affected by CVE-2024-44243 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Apple macos
: Total Affected Vendor : 1 | Products : 1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-44243.

URL Resource
https://support.apple.com/en-us/121839 Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-44243 vulnerability anywhere in the article.

  • TheCyberThrone
CVE-2024-44243: macOS SIP Bypass Flaw

CVE-2024-44243 is a critical vulnerability discovered in macOS that allows attackers to bypass Apple’s System Integrity Protection (SIP) by exploiting third-party kernel extensions. This vulnerability ... Read more

Published Date: Jan 15, 2025 (4 hours, 58 minutes ago)
CVE-2024-55591 CVE-2024-12398 CVE-2024-5594 CVE-2024-54677 CVE-2024-50379 CVE-2024-44243 CVE-2024-49415
  • Dark Reading
Apple Bug Allows Root Protections Bypass Without Physical Access

Source: Andrey Kryuchkov via Alamy Stock PhotoCyber defenders are encouraged to ensure systems have been updated with the latest macOS patch, which includes a fix for a vulnerability that exposed the ... Read more

Published Date: Jan 14, 2025 (1 day ago)
CVE-2024-44243
  • The Hacker News
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

Endpoint Security / Vulnerability Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to byp ... Read more

Published Date: Jan 14, 2025 (1 day, 5 hours ago)
CVE-2025-0282 CVE-2024-44243 CVE-2024-44133 CVE-2023-32369 CVE-2022-22583 CVE-2021-30892
  • Cybersecurity News
Kernel Modules and Malicious Commands: Anatomy of the sysinitd Rootkit

The workflow chart of this rootkit malware | Source: FGIRThe FortiGuard Incident Response (FGIR) team has conducted a comprehensive analysis of a sophisticated Linux rootkit, shedding light on how it ... Read more

Published Date: Jan 14, 2025 (1 day, 19 hours ago)
CVE-2024-44243 CVE-2024-21338
  • Cybersecurity News
Microsoft Unveils CVE-2024-44243: A macOS System Integrity Protection Bypass Through Kernel Extensions

Microsoft Defender Research Team has revealed a macOS vulnerability—CVE-2024-44243—that allows attackers to bypass Apple’s robust System Integrity Protection (SIP). SIP, a cornerstone of macOS securit ... Read more

Published Date: Jan 14, 2025 (1 day, 19 hours ago)
CVE-2024-54498 CVE-2024-44243 CVE-2023-32369
  • BleepingComputer
Microsoft: macOS bug lets hackers install malicious kernel drivers

Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. System I ... Read more

Published Date: Jan 13, 2025 (2 days, 3 hours ago)
CVE-2024-44243 CVE-2023-32369 CVE-2022-42821 CVE-2021-30970 CVE-2021-30892
  • seclists.org
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2

Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 11 Dec 2024 16:36:26 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ... Read more

Published Date: Dec 12, 2024 (1 month ago)
CVE-2024-54534 CVE-2024-54531 CVE-2024-54529 CVE-2024-54528 CVE-2024-54527 CVE-2024-54526 CVE-2024-54524 CVE-2024-54515 CVE-2024-54514 CVE-2024-54513 ...+34 more CVE

The following table lists the changes that have been made to the CVE-2024-44243 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Dec. 20, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  • Initial Analysis by [email protected]

    Dec. 18, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
    Added CWE NIST NVD-CWE-noinfo
    Added CPE Configuration OR *cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* versions from (including) 15.0 up to (excluding) 15.2
    Changed Reference Type https://support.apple.com/en-us/121839 No Types Assigned https://support.apple.com/en-us/121839 Vendor Advisory
  • New CVE Received by [email protected]

    Dec. 12, 2024

    Action Type Old Value New Value
    Added Description A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2. An app may be able to modify protected parts of the file system.
    Added Reference https://support.apple.com/en-us/121839
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-44243 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-44243 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: