macOS
macOS 13.7.1
Official advisory49 CVEs fixed by this release.
- Release date
- 2024-10-28
- End of support
- 2025-09-15 EOL
- CVEs fixed
- 49
- CISA KEV
- 0
- Critical
- 0
- High
- 0
- NVD pending
- 49
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2024-40854
[Apple GPU Drivers] An app may be able to cause unexpected system termination |
N/A | — | [Apple GPU Drivers] An app may be able to cause unexpected system termination | |
|
CVE-2024-40855
[Apple DiskArbitration] A sandboxed app may be able to access sensitive user data |
N/A | — | [Apple DiskArbitration] A sandboxed app may be able to access sensitive user data | |
|
CVE-2024-44122
[Apple LaunchServices] An application may be able to break out of its sandbox |
N/A | — | [Apple LaunchServices] An application may be able to break out of its sandbox | |
|
CVE-2024-44126
[Apple ARKit] Processing a maliciously crafted file may lead to heap corruption |
N/A | — | [Apple ARKit] Processing a maliciously crafted file may lead to heap corruption | |
|
CVE-2024-44137
[Apple Screen Capture] An attacker with physical access may be able to share items from the lock screen |
N/A | — | [Apple Screen Capture] An attacker with physical access may be able to share items from the lock screen | |
|
CVE-2024-44156
[Apple PackageKit] An app may be able to bypass Privacy preferences |
N/A | — | [Apple PackageKit] An app may be able to bypass Privacy preferences | |
|
CVE-2024-44159
[Apple PackageKit] An app may be able to bypass Privacy preferences |
N/A | — | [Apple PackageKit] An app may be able to bypass Privacy preferences | |
|
CVE-2024-44196
[Apple PackageKit] An app may be able to modify protected parts of the file system |
N/A | — | [Apple PackageKit] An app may be able to modify protected parts of the file system | |
|
CVE-2024-44197
[Apple IOGPUFamily] An app may be able to cause unexpected system termination or corrupt kernel memory |
N/A | — | [Apple IOGPUFamily] An app may be able to cause unexpected system termination or corrupt kernel memory | |
|
CVE-2024-44213
[Apple CUPS] An attacker in a privileged network position may be able to leak sensitive user information |
N/A | — | [Apple CUPS] An attacker in a privileged network position may be able to leak sensitive user information | |
|
CVE-2024-44215
[Apple ImageIO] Processing an image may result in disclosure of process memory |
N/A | — | [Apple ImageIO] Processing an image may result in disclosure of process memory | |
|
CVE-2024-44216
[Apple Installer] An app may be able to access user-sensitive data |
N/A | — | [Apple Installer] An app may be able to access user-sensitive data | |
|
CVE-2024-44222
[Apple Maps] An app may be able to read sensitive location information |
N/A | — | [Apple Maps] An app may be able to read sensitive location information | |
|
CVE-2024-44232
[Apple AppleAVD] Parsing a maliciously crafted video file may lead to unexpected system termination |
N/A | — | [Apple AppleAVD] Parsing a maliciously crafted video file may lead to unexpected system termination | |
|
CVE-2024-44233
[Apple AppleAVD] Parsing a maliciously crafted video file may lead to unexpected system termination |
N/A | — | [Apple AppleAVD] Parsing a maliciously crafted video file may lead to unexpected system termination | |
|
CVE-2024-44234
[Apple AppleAVD] Parsing a maliciously crafted video file may lead to unexpected system termination |
N/A | — | [Apple AppleAVD] Parsing a maliciously crafted video file may lead to unexpected system termination | |
|
CVE-2024-44236
[Apple sips] Processing a maliciously crafted file may lead to unexpected app termination |
N/A | — | [Apple sips] Processing a maliciously crafted file may lead to unexpected app termination | |
|
CVE-2024-44237
[Apple sips] Processing a maliciously crafted file may lead to unexpected app termination |
N/A | — | [Apple sips] Processing a maliciously crafted file may lead to unexpected app termination | |
|
CVE-2024-44239
[Apple Kernel] An app may be able to leak sensitive kernel state |
N/A | — | [Apple Kernel] An app may be able to leak sensitive kernel state | |
|
CVE-2024-44240
[Apple CoreText] Processing a maliciously crafted font may result in the disclosure of process memory |
N/A | — | [Apple CoreText] Processing a maliciously crafted font may result in the disclosure of process memory | |
|
CVE-2024-44247
[Apple PackageKit] A malicious application may be able to modify protected parts of the file system |
N/A | — | [Apple PackageKit] A malicious application may be able to modify protected parts of the file system | |
|
CVE-2024-44253
[Apple PackageKit] An app may be able to modify protected parts of the file system |
N/A | — | [Apple PackageKit] An app may be able to modify protected parts of the file system | |
|
CVE-2024-44254
[Apple Shortcuts] An app may be able to access sensitive user data |
N/A | — | [Apple Shortcuts] An app may be able to access sensitive user data | |
|
CVE-2024-44255
[Apple App Support] A malicious app may be able to run arbitrary shortcuts without user consent |
N/A | — | [Apple App Support] A malicious app may be able to run arbitrary shortcuts without user consent | |
|
CVE-2024-44256
[Apple Messages] An app may be able to break out of its sandbox |
N/A | — | [Apple Messages] An app may be able to break out of its sandbox | |
|
CVE-2024-44257
[Apple WindowServer] An app may be able to access sensitive user data |
N/A | — | [Apple WindowServer] An app may be able to access sensitive user data | |
|
CVE-2024-44260
[Apple Assets] A malicious app with root privileges may be able to modify the contents of system files |
N/A | — | [Apple Assets] A malicious app with root privileges may be able to modify the contents of system files | |
|
CVE-2024-44264
[Apple SystemMigration] A malicious app may be able to create symlinks to protected regions of the disk |
N/A | — | [Apple SystemMigration] A malicious app may be able to create symlinks to protected regions of the disk | |
|
CVE-2024-44265
[Apple Game Controllers] An attacker with physical access can input Game Controller events to apps running on a locked … |
N/A | — | [Apple Game Controllers] An attacker with physical access can input Game Controller events to apps running on a locked device | |
|
CVE-2024-44267
[Apple PackageKit] A malicious application may be able to modify protected parts of the file system |
N/A | — | [Apple PackageKit] A malicious application may be able to modify protected parts of the file system | |
|
CVE-2024-44269
[Apple Shortcuts] A malicious app may use shortcuts to access restricted files |
N/A | — | [Apple Shortcuts] A malicious app may use shortcuts to access restricted files | |
|
CVE-2024-44270
[Apple AppleMobileFileIntegrity] A sandboxed process may be able to circumvent sandbox restrictions |
N/A | — | [Apple AppleMobileFileIntegrity] A sandboxed process may be able to circumvent sandbox restrictions | |
|
CVE-2024-44275
[Apple PackageKit] A malicious application may be able to modify protected parts of the file system |
N/A | — | [Apple PackageKit] A malicious application may be able to modify protected parts of the file system | |
|
CVE-2024-44278
[Apple Siri] A sandboxed app may be able to access sensitive user data in system logs |
N/A | — | [Apple Siri] A sandboxed app may be able to access sensitive user data in system logs | |
|
CVE-2024-44279
[Apple sips] Parsing a file may lead to disclosure of user information |
N/A | — | [Apple sips] Parsing a file may lead to disclosure of user information | |
|
CVE-2024-44280
[Apple AppleMobileFileIntegrity] An app may be able to modify protected parts of the file system |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to modify protected parts of the file system | |
|
CVE-2024-44281
[Apple sips] Parsing a file may lead to disclosure of user information |
N/A | — | [Apple sips] Parsing a file may lead to disclosure of user information | |
|
CVE-2024-44282
[Apple Foundation] Parsing a file may lead to disclosure of user information |
N/A | — | [Apple Foundation] Parsing a file may lead to disclosure of user information | |
|
CVE-2024-44283
[Apple sips] Parsing a maliciously crafted file may lead to an unexpected app termination |
N/A | — | [Apple sips] Parsing a maliciously crafted file may lead to an unexpected app termination | |
|
CVE-2024-44284
[Apple sips] Parsing a maliciously crafted file may lead to an unexpected app termination |
N/A | — | [Apple sips] Parsing a maliciously crafted file may lead to an unexpected app termination | |
|
CVE-2024-44287
[Apple Installer] A malicious application may be able to modify protected parts of the file system |
N/A | — | [Apple Installer] A malicious application may be able to modify protected parts of the file system | |
|
CVE-2024-44289
[Apple Find My] An app may be able to read sensitive location information |
N/A | — | [Apple Find My] An app may be able to read sensitive location information | |
|
CVE-2024-44294
[Apple PackageKit] An attacker with root privileges may be able to delete protected system files |
N/A | — | [Apple PackageKit] An attacker with root privileges may be able to delete protected system files | |
|
CVE-2024-44295
[Apple CoreServicesUIAgent] An app may be able to modify protected parts of the file system |
N/A | — | [Apple CoreServicesUIAgent] An app may be able to modify protected parts of the file system | |
|
CVE-2024-44297
[Apple ImageIO] Processing a maliciously crafted message may lead to a denial-of-service |
N/A | — | [Apple ImageIO] Processing a maliciously crafted message may lead to a denial-of-service | |
|
CVE-2024-44301
[Apple PackageKit] A malicious application may be able to modify protected parts of the file system |
N/A | — | [Apple PackageKit] A malicious application may be able to modify protected parts of the file system | |
|
CVE-2024-44302
[Apple CoreText] Processing a maliciously crafted font may result in the disclosure of process memory |
N/A | — | [Apple CoreText] Processing a maliciously crafted font may result in the disclosure of process memory | |
|
CVE-2024-54471
[Apple NetAuth] A malicious application may be able to leak a user's credentials |
N/A | — | [Apple NetAuth] A malicious application may be able to leak a user's credentials | |
|
CVE-2024-54538
[Apple Security] A remote attacker may be able to cause a denial-of-service |
N/A | — | [Apple Security] A remote attacker may be able to cause a denial-of-service |