CVE-2024-44219
Improper Permissions in macOS Sequoia 15.1 Enables Data Access
Publication date: 2026-04-02
Last updated on: 2026-04-03
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | macos | to 15.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a permissions issue in macOS Sequoia 15.1 where a malicious application with root privileges may be able to access private information. The issue was addressed by adding additional restrictions to prevent unauthorized access.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow a malicious application running with root privileges to access private information on the affected system, potentially leading to data exposure or compromise.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your system to macOS Sequoia 15.1 or later, where the issue has been fixed.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows a malicious application with root privileges to access private information, which could lead to unauthorized data exposure.
Such unauthorized access to private information may impact compliance with data protection regulations like GDPR and HIPAA, which require strict controls to protect sensitive data.
Addressing this issue with additional permission restrictions, as done in macOS Sequoia 15.1, helps mitigate risks related to unauthorized data access and supports compliance efforts.