CVE-2024-44174: Input Validation

First published: Mon Sep 16 2024(Updated: )

Accounts. A permissions issue was addressed with additional restrictions.

Credit: Kirin @Pwnrin Rodolphe Brunetti @eisw0lf CVE-2023-4504 Csaba Fitzl @theevilbit Kandjian anonymous researcher @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Yiğit Can YILMAZ @yilmazcanyigit Mickey Jin @patch1t Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeAntonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef Jeff Johnson (underpassapp.com) OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Kirin @Pwnrin Fudan UniversityLFY @secsys Fudan UniversityOlivier Levon CVE-2023-5841 Meng Zhang (鲸落) NorthSeaajajfxhj Brian McNulty Computer ScienceCristian Dinca Computer ScienceRomania Vaibhav Prajapati CVE-2024-39894 Wojciech Regula SecuRingRifa'i Rejal Maynando Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Zhongquan Li @Guluisacat Yiğit Can YILMAZ @yilmazcanyigit SecuRingKirin @Pwnrin NorthSea냥냥 Halle Winkler Politepix @hallewinkler Vivek Dhar working as Assistant Sub-Inspector (RM) in Border Security Force (Frontier Headquarter BSF Kashmir) Pedro José Pereira Vieito @pvieito luckyu @uuulucky NorthSeaOm Kothawade the UNTHSC College of PharmacyOmar A. Alanis the UNTHSC College of PharmacyBistrit Dahal Matej Moravec @MacejkoMoravec K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Arsenii Kostromin (0x3c3e) Ron Masas BreakPointJonathan Bar Or @yo_yo_yo_jbo MicrosoftBohdan Stasiuk @Bohdan_Stasiuk CVE-2024-41957 Narendra Bhati Cyber Security At Suma Soft PvtManager Cyber Security At Suma Soft PvtTashita Software Security Ron Masas Hafiizh HakTrakYoKo Kho @yokoacc HakTrakTim Michaud @TimGMichaud MoveworksAntonio Zekic @antoniozekic ant4g0nist Charly Suchanek CVE-2024-44134 Preet Dsouza (Fleming College Computer Security & Investigations Program) Domien Schepers Tim Clem Gergely Kalman @gergely_kalman Koh M. Nakagawa @tsunek0h Pedro Tôrres @t0rr3sp3dr0 CVE-2024-44130 Pwn2car Trend Micro Zero Day InitiativeClaudio Bozzato Cisco TalosFrancesco Benvenuto Cisco TalosHolger Fuhrmannek Anton Boegler Snoolie Keffaber @0xilis CVE-2024-44129 product-security@apple.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/references
• agent/type
• agent/event
• agent/severity
• collector/mitre-cve
• source/MITRE
• agent/weakness
• agent/last-modified-date
• agent/source
• agent/author
• agent/description
• agent/first-publish-date
• agent/tags
• agent/softwarecombine
• collector/apple-support
• source/Apple
• alias/CVE-2023-4504
• alias/CVE-2024-40855
• alias/CVE-2024-44148
• alias/CVE-2024-44177
• alias/CVE-2024-54469
• alias/CVE-2024-44131
• alias/CVE-2024-40850
• alias/CVE-2024-54463
• alias/CVE-2024-40831
• alias/CVE-2024-27880
• alias/CVE-2024-44176
• alias/CVE-2024-40861
• alias/CVE-2024-44160
• alias/CVE-2024-44161
• alias/CVE-2024-44169
• alias/CVE-2024-44165
• alias/CVE-2024-44175
• alias/CVE-2024-44191
• alias/CVE-2024-54560
• alias/CVE-2024-44122
• alias/CVE-2024-44198
• alias/CVE-2024-40791
• alias/CVE-2024-54473
• alias/CVE-2024-44181
• alias/CVE-2024-44183
• alias/CVE-2023-5841
• alias/CVE-2024-27858
• alias/CVE-2024-44167
• alias/CVE-2024-40838
• alias/CVE-2024-44186
• alias/CVE-2024-39894
• alias/CVE-2024-44178
• alias/CVE-2024-40826
• alias/CVE-2024-44149
• alias/CVE-2024-40797
• alias/CVE-2024-44155
• alias/CVE-2024-44125
• alias/CVE-2024-44163
• alias/CVE-2024-44203
• alias/CVE-2024-44144
• alias/CVE-2024-44137
• alias/CVE-2024-44174
• alias/CVE-2024-44123
• alias/CVE-2024-40801
• alias/CVE-2024-40837
• alias/CVE-2024-44158
• alias/CVE-2024-40844
• alias/CVE-2024-44145
• alias/CVE-2024-44179
• alias/CVE-2024-44170
• alias/CVE-2024-40860
• alias/CVE-2024-44152
• alias/CVE-2024-44166
• alias/CVE-2024-44190
• alias/CVE-2024-54558
• alias/CVE-2024-44133
• alias/CVE-2024-44184
• alias/CVE-2024-40859
• alias/CVE-2024-41957
• alias/CVE-2024-54467
• alias/CVE-2024-44192
• alias/CVE-2024-40857
• alias/CVE-2024-40866
• alias/CVE-2024-44187
• alias/CVE-2024-44227
• alias/CVE-2024-54546
• alias/CVE-2024-40770
• alias/CVE-2024-23237
• alias/CVE-2024-44134
• alias/CVE-2024-40856
• alias/CVE-2024-44189
• alias/CVE-2024-44208
• alias/CVE-2024-40842
• alias/CVE-2024-40843
• alias/CVE-2024-27875
• alias/CVE-2024-44146
• alias/CVE-2024-27849
• agent/software-canonical-lookup
• alias/CVE-2024-27869
• alias/CVE-2024-40792
• alias/CVE-2024-40825
• alias/CVE-2024-44130
• alias/CVE-2024-44182
• alias/CVE-2024-44154
• alias/CVE-2024-40845
• alias/CVE-2024-40846
• alias/CVE-2024-44164
• alias/CVE-2024-40847
• alias/CVE-2024-40848
• alias/CVE-2024-44168
• alias/CVE-2024-27860
• alias/CVE-2024-27861
• alias/CVE-2024-40841
• alias/CVE-2024-27795
• alias/CVE-2024-44135
• alias/CVE-2024-44132
• alias/CVE-2024-44126
• alias/CVE-2024-44128
• alias/CVE-2024-44151
• alias/CVE-2024-27876
• alias/CVE-2024-44172
• alias/CVE-2024-44188
• alias/CVE-2024-44153
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup-request
• vendor/apple
• canonical/macos