跳转到帖子

OS X update for Shortcuts (CVE-2024-23245)

recommended_posts

发布于
  • Members

OS X update for Shortcuts (CVE-2024-23245)

Severity
2
CVSS
(AV:L/AC:M/Au:N/C:N/I:P/A:N)
Published
03/08/2024
Created
03/09/2024
Added
03/08/2024
Modified
01/28/2025

Description

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.

Solution(s)

  • apple-osx-upgrade-12_7_4
  • apple-osx-upgrade-13_6_5
  • apple-osx-upgrade-14_4

References

  • https://attackerkb.com/topics/cve-2024-23245
  • CVE - 2024-23245
  • https://support.apple.com/en-us/120884
  • https://support.apple.com/en-us/120886
  • https://support.apple.com/en-us/120895
  • 查看数 704
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。

游客
回帖…