CVE-2024-44220: Malicious File Upload
First published: Wed Dec 11 2024(Updated: )
Accounts. A logic issue was addressed with improved file handling.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | >=14.0<14.7.2 | |
| Apple macOS | >=15.0<15.2 | |
| Apple macOS | <14.7.2 | 14.7.2 |
| Apple macOS Sequoia | <15.2 | 15.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/121839 (Advisory)
- https://support.apple.com/en-us/121840 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2024-54488
- CVE-2024-54541
- CVE-2024-54477
- CVE-2024-44220
- CVE-2024-54527
- CVE-2024-54526
- CVE-2024-54509
- CVE-2024-54529
- CVE-2024-44300
- CVE-2024-54466
- CVE-2024-54489
- CVE-2024-54547
- CVE-2024-54519
- CVE-2024-54486
- CVE-2024-54478
- CVE-2024-54500
- CVE-2024-54468
- CVE-2024-54494
- CVE-2024-54510
- CVE-2024-44245
- CVE-2024-44201
- CVE-2024-45490
- CVE-2024-54514
- CVE-2024-44225
- CVE-2024-54474
- CVE-2024-54476
- CVE-2024-54537
- CVE-2024-54501
- CVE-2024-44248
- CVE-2024-54557
- CVE-2024-54516
- CVE-2024-54528
- CVE-2024-54498
- CVE-2024-44291
- CVE-2024-44224
- CVE-2024-54495
- CVE-2024-54520
- CVE-2024-54475
- CVE-2024-45306
- CVE-2024-54539
- CVE-2024-54490
- CVE-2024-54550
- CVE-2024-54513
- CVE-2024-54499
- CVE-2024-54517
- CVE-2024-54518
- CVE-2024-54522
- CVE-2024-54523
- CVE-2024-54506
- CVE-2024-54507
- CVE-2024-54531
- CVE-2024-54465
- CVE-2024-54491
- CVE-2024-54484
- CVE-2024-54536
- CVE-2024-54504
- CVE-2024-54530
- CVE-2024-54492
- CVE-2023-32395
- CVE-2024-54497
- CVE-2024-44246
- CVE-2024-54542
- CVE-2024-54515
- CVE-2024-54524
- CVE-2024-54493
- CVE-2024-44243
- CVE-2024-54549
- CVE-2024-54485
- CVE-2024-54479
- CVE-2024-54502
- CVE-2024-54508
- CVE-2024-54505
- CVE-2024-54534
- CVE-2024-54543
Frequently Asked Questions
What is the severity of CVE-2024-44220?
CVE-2024-44220 is classified with a medium severity due to its logic issue and file handling vulnerabilities.
How do I fix CVE-2024-44220?
To fix CVE-2024-44220, update to macOS versions 14.7.2 or 15.2 or later.
Which versions of macOS are affected by CVE-2024-44220?
CVE-2024-44220 affects macOS versions between 14.0 and 14.7.2, as well as versions between 15.0 and 15.2.
What types of issues does CVE-2024-44220 address?
CVE-2024-44220 addresses logic issues, improved file handling, state management, and memory handling in Apple software components.
Who is impacted by CVE-2024-44220?
Users running affected versions of Apple macOS, specifically those prior to 14.7.2 and 15.2, are at risk for CVE-2024-44220.
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/weakness
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/apple-support
- source/Apple
- alias/CVE-2024-54477
- alias/CVE-2024-44220
- alias/CVE-2024-54527
- alias/CVE-2024-54526
- alias/CVE-2024-54509
- alias/CVE-2024-54529
- alias/CVE-2024-44300
- alias/CVE-2024-54466
- alias/CVE-2024-54489
- alias/CVE-2024-54547
- alias/CVE-2024-54519
- alias/CVE-2024-54486
- alias/CVE-2024-54478
- alias/CVE-2024-54500
- alias/CVE-2024-54468
- alias/CVE-2024-54494
- alias/CVE-2024-54510
- alias/CVE-2024-44245
- alias/CVE-2024-44201
- alias/CVE-2024-45490
- alias/CVE-2024-54514
- alias/CVE-2024-44225
- alias/CVE-2024-54474
- alias/CVE-2024-54476
- alias/CVE-2024-54537
- alias/CVE-2024-54501
- alias/CVE-2024-44248
- alias/CVE-2024-54557
- alias/CVE-2024-54516
- alias/CVE-2024-54528
- alias/CVE-2024-54498
- alias/CVE-2024-44291
- alias/CVE-2024-44224
- alias/CVE-2024-54495
- alias/CVE-2024-54520
- alias/CVE-2024-54475
- alias/CVE-2024-45306
- alias/CVE-2024-54539
- alias/CVE-2024-54541
- alias/CVE-2024-54490
- alias/CVE-2024-54550
- alias/CVE-2024-54513
- alias/CVE-2024-54499
- alias/CVE-2024-54517
- alias/CVE-2024-54518
- alias/CVE-2024-54522
- alias/CVE-2024-54523
- alias/CVE-2024-54506
- alias/CVE-2024-54507
- alias/CVE-2024-54531
- alias/CVE-2024-54465
- alias/CVE-2024-54491
- alias/CVE-2024-54484
- alias/CVE-2024-54536
- alias/CVE-2024-54504
- alias/CVE-2024-54530
- alias/CVE-2024-54492
- alias/CVE-2023-32395
- alias/CVE-2024-54497
- alias/CVE-2024-44246
- alias/CVE-2024-54542
- alias/CVE-2024-54515
- alias/CVE-2024-54524
- alias/CVE-2024-54493
- alias/CVE-2024-44243
- alias/CVE-2024-54549
- alias/CVE-2024-54485
- alias/CVE-2024-54479
- alias/CVE-2024-54502
- alias/CVE-2024-54508
- alias/CVE-2024-54505
- alias/CVE-2024-54534
- alias/CVE-2024-54543
- vendor/apple
- canonical/apple macos
- version/apple macos/14.0
- version/apple macos/15.0
- canonical/apple macos sequoia