๐Ÿ” CVE Alert

CVE-2024-23245

MEDIUM 5.4
CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
0th

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.

Vendor apple
Product macos
Ecosystems
Industries
Technology
Published Mar 8, 2024
Last Updated Apr 2, 2026
Stay Ahead of the Next One

Get instant alerts for apple macos

Be the first to know when new medium vulnerabilities affecting apple macos are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Apple / macOS
0 < 12.7.4 0 < 13.6.5 0 < 14.4

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
support.apple.com: https://support.apple.com/en-us/120884 support.apple.com: https://support.apple.com/en-us/120886 support.apple.com: https://support.apple.com/en-us/120895 support.apple.com: https://support.apple.com/en-us/HT214083 support.apple.com: https://support.apple.com/en-us/HT214085 support.apple.com: https://support.apple.com/en-us/HT214084 seclists.org: http://seclists.org/fulldisclosure/2024/Mar/21 seclists.org: http://seclists.org/fulldisclosure/2024/Mar/22 seclists.org: http://seclists.org/fulldisclosure/2024/Mar/23 support.apple.com: https://support.apple.com/kb/HT214085 support.apple.com: https://support.apple.com/kb/HT214084 support.apple.com: https://support.apple.com/kb/HT214083