{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-27888", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2024-02-26T15:32:28.544Z", "datePublished": "2024-07-29T22:17:24.302Z", "dateUpdated": "2024-08-02T00:41:55.495Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to modify protected parts of the file system"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "14.4", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sonoma 14.4. An app may be able to modify protected parts of the file system."}], "references": [{"url": "https://support.apple.com/en-us/HT214084"}, {"url": "https://support.apple.com/kb/HT214084"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-07-29T22:17:24.302Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-281", "lang": "en", "description": "CWE-281 Improper Preservation of Permissions"}]}], "affected": [{"vendor": "apple", "product": "macos", "cpes": ["cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "14.0", "status": "affected", "lessThan": "14.4", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-30T17:37:32.246403Z", "id": "CVE-2024-27888", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-30T17:51:06.676Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:41:55.495Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214084", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214084", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214084", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214084", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:41:55.495Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-27888", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-30T17:37:32.246403Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "macos", "versions": [{"status": "affected", "version": "14.0", "lessThan": "14.4", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-281", "description": "CWE-281 Improper Preservation of Permissions"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-30T17:49:38.660Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "14.4", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT214084"}, {"url": "https://support.apple.com/kb/HT214084"}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sonoma 14.4. An app may be able to modify protected parts of the file system."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to modify protected parts of the file system"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-07-29T22:17:24.302Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27888", "state": "PUBLISHED", "dateUpdated": "2024-08-02T00:41:55.495Z", "dateReserved": "2024-02-26T15:32:28.544Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2024-07-29T22:17:24.302Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sonoma 14.4. An app may be able to modify protected parts of the file system."}, {"lang": "es", "value": " Se solucion\u00f3 un problema de permisos eliminando el c\u00f3digo vulnerable y agregando comprobaciones adicionales. Este problema se solucion\u00f3 en macOS Sonoma 14.4. Es posible que una aplicaci\u00f3n pueda modificar partes protegidas del sistema de archivos."}], "id": "CVE-2024-27888", "lastModified": "2024-08-01T13:48:54.013", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-29T23:15:11.183", "references": [{"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/HT214084"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/kb/HT214084"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-281"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}