PT-2024-36362 · Apple · Apple Macos

Published: 2024-12-11 · Updated: 2025-03-12 · CVE-2024-54498

CVSS v3.1: 8.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

The vulnerable software is macOS in versions prior to macOS Sequoia 15.2, macOS Ventura 13.7.2, and macOS Sonoma 14.7.2. The vulnerability, identified as CVE-2024-54498, is a path handling issue in the sharedfilelistd component that may allow an app to break out of its sandbox; it was addressed with improved validation. A public proof-of-concept (PoC) exploit has been released that demonstrates the vulnerability and allows apps to bypass sandbox protections, posing a high risk of data theft. Attackers may use it to escape the macOS sandbox, gain unauthorized access to sensitive data, and compromise the system. The vulnerability has been patched in the latest versions of macOS, and users are advised to update their systems to prevent exploitation.
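
A patch-level triage for the fixed releases listed above, as an added example that is not part of the original advisory or any vendor tooling. The `host,version` inventory format, the host names and the status labels are constructed assumptions, as is treating releases newer than the 15.x line as patched.

```python
# Fixed releases per major line, taken from the advisory text above.
FIXED = {13: (13, 7, 2), 14: (14, 7, 2), 15: (15, 2, 0)}

def parse_version(text):
    """Turn '14.7' or '15.1.1' into a 3-tuple, padding missing parts with 0."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"not a macOS product version: {text!r}")
    if not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a macOS product version: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))

def classify(version_text):
    """Return 'vulnerable', 'patched', 'no-fix-listed' or 'unparseable'."""
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unparseable"
    major = version[0]
    if major in FIXED:
        return "patched" if version >= FIXED[major] else "vulnerable"
    if major > max(FIXED):
        return "patched"  # assumption: newer than every release line listed
    return "no-fix-listed"  # older line: the advisory names no fixed release

def triage(inventory_lines):
    """Map host -> status for 'host,version' lines (hypothetical format)."""
    report = {}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, version = line.partition(",")
        report[host.strip()] = classify(version)
    return report

# Constructed sample inventory; on a Mac the version string is what
# `sw_vers -productVersion` prints.
SAMPLE_INVENTORY = """\
# host,version
mac-build-01,15.1.1
mac-design-07,14.7
mac-lab-03,13.7.2
mac-legacy-02,12.7.6
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY.splitlines()).items():
        print(f"{host}: {status}")
```
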

Exploit

Fix

Related Identifiers

CVE-2024-54498

Affected Products

Apple Macos