What is the severity of CVE-2024-44137?

The severity of CVE-2024-44137 is classified as high due to the permissions issue that could allow unauthorized access.

How do I fix CVE-2024-44137?

To fix CVE-2024-44137, users should update their macOS to versions 13.7.1, 14.7.1, or 15, which include the necessary security patches.

Which versions of macOS are affected by CVE-2024-44137?

CVE-2024-44137 affects macOS versions prior to 13.7.1, between 14.0 and 14.7.1, and versions before 15.

What type of vulnerability is CVE-2024-44137?

CVE-2024-44137 is a permissions issue that involves additional restrictions and improved checks in macOS.

What are the potential risks of CVE-2024-44137?

The potential risks of CVE-2024-44137 include unauthorized access to sensitive data or system functionalities due to inadequate permission checks.

Vulnerability/
CVE-2024-44137

medium

4.6

CWE

863 20 190 119 362

16/9/2024

28/10/2024

27/1/2025

CVE-2024-44137: Input Validation

First published: Mon Sep 16 2024(Updated: )

Accounts. A permissions issue was addressed with additional restrictions.

Credit: product-security@apple.com Michael DePlante @izobashi Trend Micro Zero Day InitiativePwn2car Trend Micro Zero Day InitiativeMickey Jin @patch1t Kirin @Pwnrin Claudio Bozzato Cisco TalosFrancesco Benvenuto Cisco TalosHalle Winkler Politepix @hallewinkler Holger Fuhrmannek Anton Boegler Snoolie Keffaber @0xilis an anonymous researcher Yiğit Can YILMAZ @yilmazcanyigit Rodolphe Brunetti @eisw0lf CVE-2023-4504 Csaba Fitzl @theevilbit Kandji @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day InitiativeAntonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Kirin @Pwnrin Fudan UniversityLFY @secsys Fudan UniversityOlivier Levon CVE-2023-5841 Meng Zhang (鲸落) NorthSeaajajfxhj Brian McNulty Computer ScienceCristian Dinca Computer ScienceRomania Vaibhav Prajapati CVE-2024-39894 Wojciech Regula SecuRingRifa'i Rejal Maynando Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Zhongquan Li @Guluisacat Yiğit Can YILMAZ @yilmazcanyigit SecuRingKirin @Pwnrin NorthSea냥냥 Vivek Dhar Pedro José Pereira Vieito @pvieito luckyu @uuulucky NorthSeaOm Kothawade the UNTHSC College of PharmacyOmar A. Alanis the UNTHSC College of PharmacyK宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Arsenii Kostromin (0x3c3e) Jonathan Bar Or @yo_yo_yo_jbo MicrosoftBohdan Stasiuk @Bohdan_Stasiuk CVE-2024-41957 Ron Masas Hafiizh HakTrakYoKo Kho @yokoacc HakTrakCharly Suchanek CVE-2024-44134 Domien Schepers Tim Clem Gergely Kalman @gergely_kalman Koh M. Nakagawa @tsunek0h CVE-2024-44129 Pedro Tôrres @t0rr3sp3dr0 CVE-2024-44130 Mateusz Krzywicki @krzywix Noah Gregory (wts.dev) Mickey Jin @patch1t KandjiUn3xploitable CW Research IncBohdan Stasiuk @Bohdan_Stasiuk CW Research IncBing Shi Alibaba GroupWenchao Li Alibaba GroupXiaolong Bai Alibaba Group Indiana University BloomingtonLuyi Xing Indiana University BloomingtonHossein Lotfi @hosselot Trend Micro Zero Day InitiativeJunsung Lee Trend Micro Zero Day Initiativedw0r! Trend Micro Zero Day InitiativeAlexandre Bedard Ronny Stiftel Wang Yu CyberservalJex Amro Ivan Fratric Google Project Zeropattern-f @pattern_F_ Loadshine LabHikerell Loadshine Lab

Affected Software	Affected Version	How to fix
Apple macOS	<13.7.1
Apple macOS	>=14.0<14.7.1
Apple macOS	<13.7.1	13.7.1
Apple macOS	<14.7.1	14.7.1
Apple macOS Sequoia	<15	15

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/121238 (Advisory)
https://support.apple.com/en-us/121570 (Advisory)
https://support.apple.com/en-us/121568 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2024-44255
CVE-2024-44232
CVE-2024-44233
CVE-2024-44234
CVE-2024-44270
CVE-2024-44280
CVE-2024-44126
CVE-2024-44260
CVE-2024-44295
CVE-2024-44240
CVE-2024-44302
CVE-2024-44213
CVE-2024-40855
CVE-2024-44289
CVE-2024-44282
CVE-2024-44265
CVE-2024-40854
CVE-2024-44215
CVE-2024-44297
CVE-2024-44216
CVE-2024-44287
CVE-2024-44197
CVE-2024-44239
CVE-2024-44122
CVE-2024-44222
CVE-2024-44256
CVE-2024-54471
CVE-2024-44156
CVE-2024-44159
CVE-2024-44196
CVE-2024-44253
CVE-2024-44247
CVE-2024-44267
CVE-2024-44301
CVE-2024-44275
CVE-2024-44294
CVE-2024-44137
CVE-2024-54538
CVE-2024-44254
CVE-2024-44269
CVE-2024-44236
CVE-2024-44237
CVE-2024-44284
CVE-2024-44279
CVE-2024-44281
CVE-2024-44283
CVE-2024-44278
CVE-2024-44264
CVE-2024-44257
CVE-2024-44273
CVE-2024-44175
CVE-2024-44144
CVE-2024-44218
CVE-2024-44129
CVE-2024-44153
CVE-2024-44188
CVE-2024-40792
CVE-2024-40825
CVE-2024-44130
CVE-2024-44182
CVE-2024-44154
CVE-2024-40845
CVE-2024-40846
CVE-2024-44164
CVE-2024-40837
CVE-2024-40847
CVE-2024-40848
CVE-2024-44168
CVE-2024-27860
CVE-2024-27861
CVE-2024-40841
CVE-2024-27795
CVE-2024-44135
CVE-2024-44132
CVE-2024-44128
CVE-2024-44151
CVE-2024-27876
CVE-2024-44172
CVE-2024-27869
CVE-2024-27875
CVE-2024-44146
CVE-2024-27849
CVE-2023-4504
CVE-2024-44148
CVE-2024-44177
CVE-2024-44131
CVE-2024-40850
CVE-2024-40831
CVE-2024-27880
CVE-2024-44176
CVE-2024-40861
CVE-2024-44160
CVE-2024-44161
CVE-2024-44169
CVE-2024-44165
CVE-2024-44191
CVE-2024-44198
CVE-2024-40791
CVE-2024-44181
CVE-2024-44183
CVE-2023-5841
CVE-2024-27858
CVE-2024-44167
CVE-2024-40838
CVE-2024-44186
CVE-2024-39894
CVE-2024-44178
CVE-2024-40826
CVE-2024-44149
CVE-2024-40797
CVE-2024-44155
CVE-2024-44125
CVE-2024-44163
CVE-2024-44203
CVE-2024-44174
CVE-2024-44123
CVE-2024-40801
CVE-2024-44158
CVE-2024-40844
CVE-2024-44145
CVE-2024-44170
CVE-2024-40860
CVE-2024-44152
CVE-2024-44166
CVE-2024-44190
CVE-2024-44133
CVE-2024-44184
CVE-2024-40859
CVE-2024-41957
CVE-2024-40857
CVE-2024-40866
CVE-2024-44187
CVE-2024-40770
CVE-2024-23237
CVE-2024-44134
CVE-2024-40856
CVE-2024-44189
CVE-2024-44208
CVE-2024-40842
CVE-2024-40843

Frequently Asked Questions

What is the severity of CVE-2024-44137?
The severity of CVE-2024-44137 is classified as high due to the permissions issue that could allow unauthorized access.
How do I fix CVE-2024-44137?
To fix CVE-2024-44137, users should update their macOS to versions 13.7.1, 14.7.1, or 15, which include the necessary security patches.
Which versions of macOS are affected by CVE-2024-44137?
CVE-2024-44137 affects macOS versions prior to 13.7.1, between 14.0 and 14.7.1, and versions before 15.
What type of vulnerability is CVE-2024-44137?
CVE-2024-44137 is a permissions issue that involves additional restrictions and improved checks in macOS.
What are the potential risks of CVE-2024-44137?
The potential risks of CVE-2024-44137 include unauthorized access to sensitive data or system functionalities due to inadequate permission checks.

agent/references
agent/type
agent/event
agent/severity
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/apple-support
source/Apple
alias/CVE-2024-44122
alias/CVE-2024-44222
alias/CVE-2024-44256
alias/CVE-2024-54471
alias/CVE-2024-44156
alias/CVE-2024-44159
alias/CVE-2024-44196
alias/CVE-2024-44253
alias/CVE-2024-44247
alias/CVE-2024-44267
alias/CVE-2024-44301
alias/CVE-2024-44275
alias/CVE-2024-44294
alias/CVE-2024-44137
alias/CVE-2024-54538
alias/CVE-2024-44254
alias/CVE-2024-44269
alias/CVE-2024-44236
alias/CVE-2024-44237
alias/CVE-2024-44284
alias/CVE-2024-44279
alias/CVE-2024-44281
alias/CVE-2024-44283
alias/CVE-2024-44278
alias/CVE-2024-44264
alias/CVE-2024-44257
alias/CVE-2024-44260
alias/CVE-2024-44295
alias/CVE-2024-44240
alias/CVE-2024-44302
alias/CVE-2024-44213
alias/CVE-2024-40855
alias/CVE-2024-44289
alias/CVE-2024-44282
alias/CVE-2024-44265
alias/CVE-2024-40854
alias/CVE-2024-44215
alias/CVE-2024-44297
alias/CVE-2024-44216
alias/CVE-2024-44287
alias/CVE-2024-44197
alias/CVE-2024-44239
alias/CVE-2024-44126
alias/CVE-2024-44233
alias/CVE-2024-44234
alias/CVE-2024-44270
alias/CVE-2024-44280
alias/CVE-2024-44232
alias/CVE-2024-44144
alias/CVE-2024-44218
alias/CVE-2024-44175
alias/CVE-2024-44273
agent/weakness
alias/CVE-2024-27869
alias/CVE-2024-27875
alias/CVE-2024-44146
alias/CVE-2024-27849
alias/CVE-2023-4504
alias/CVE-2024-44148
alias/CVE-2024-44177
alias/CVE-2024-44131
alias/CVE-2024-40850
alias/CVE-2024-40831
alias/CVE-2024-27880
alias/CVE-2024-44176
alias/CVE-2024-40861
alias/CVE-2024-44160
alias/CVE-2024-44161
alias/CVE-2024-44169
alias/CVE-2024-44165
alias/CVE-2024-44191
alias/CVE-2024-44198
alias/CVE-2024-40791
alias/CVE-2024-44181
alias/CVE-2024-44183
alias/CVE-2023-5841
alias/CVE-2024-27858
alias/CVE-2024-44167
alias/CVE-2024-40838
alias/CVE-2024-44186
alias/CVE-2024-39894
alias/CVE-2024-44178
alias/CVE-2024-40826
alias/CVE-2024-44149
alias/CVE-2024-40797
alias/CVE-2024-44155
alias/CVE-2024-44125
alias/CVE-2024-44163
alias/CVE-2024-44203
alias/CVE-2024-44174
alias/CVE-2024-44123
alias/CVE-2024-40801
alias/CVE-2024-40837
alias/CVE-2024-44158
alias/CVE-2024-40844
alias/CVE-2024-44145
alias/CVE-2024-44170
alias/CVE-2024-40860
alias/CVE-2024-44152
alias/CVE-2024-44166
alias/CVE-2024-44190
alias/CVE-2024-44133
alias/CVE-2024-44184
alias/CVE-2024-40859
alias/CVE-2024-41957
alias/CVE-2024-40857
alias/CVE-2024-40866
alias/CVE-2024-44187
alias/CVE-2024-40770
alias/CVE-2024-23237
alias/CVE-2024-44134
alias/CVE-2024-40856
alias/CVE-2024-44189
alias/CVE-2024-44208
alias/CVE-2024-40842
alias/CVE-2024-40843
alias/CVE-2024-40792
alias/CVE-2024-40825
alias/CVE-2024-44130
alias/CVE-2024-44182
alias/CVE-2024-44154
alias/CVE-2024-40845
alias/CVE-2024-40846
alias/CVE-2024-44164
alias/CVE-2024-40847
alias/CVE-2024-40848
alias/CVE-2024-44168
alias/CVE-2024-27860
alias/CVE-2024-27861
alias/CVE-2024-40841
alias/CVE-2024-27795
alias/CVE-2024-44135
alias/CVE-2024-44132
alias/CVE-2024-44128
alias/CVE-2024-44151
alias/CVE-2024-27876
alias/CVE-2024-44172
alias/CVE-2024-44188
alias/CVE-2024-44153
agent/author
agent/source
agent/tags
agent/last-modified-date
agent/softwarecombine
agent/description
agent/first-publish-date
vendor/apple
canonical/apple macos
version/apple macos/14.0
canonical/apple macos sequoia

CVE-2024-44137: Input Validation

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Peer vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2024-44137?

How do I fix CVE-2024-44137?

Which versions of macOS are affected by CVE-2024-44137?

What type of vulnerability is CVE-2024-44137?

What are the potential risks of CVE-2024-44137?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-44137?

How do I fix CVE-2024-44137?

Which versions of macOS are affected by CVE-2024-44137?

What type of vulnerability is CVE-2024-44137?

What are the potential risks of CVE-2024-44137?