CVE-2024-54504 is a privacy vulnerability identified in Apple macOS, specifically addressed in macOS Sequoia 15.2. The root cause lies in inadequate redaction of private data within system log entries, which allows an application with limited privileges (local access and low privileges) to potentially access sensitive user data that should otherwise be protected. The vulnerability is classified under CWE-922, which relates to improper restriction of operations within the bounds of a memory buffer or data structure, here manifesting as insufficient data redaction. The CVSS v3.1 base score is 5.5 (medium severity), with vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating local attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope, and high confidentiality impact but no impact on integrity or availability. No public exploits have been reported, suggesting limited or no active exploitation currently. The vulnerability could allow malicious local applications or users to extract sensitive information from logs, potentially leading to privacy breaches or information disclosure. The fix involves improved private data redaction in log entries, which Apple implemented in macOS Sequoia 15.2. Organizations running earlier versions of macOS should apply this update promptly to prevent potential data leakage.

The primary impact of CVE-2024-54504 is unauthorized disclosure of sensitive user data, which compromises confidentiality. This can lead to privacy violations, leakage of personally identifiable information (PII), or exposure of sensitive operational data. Although the vulnerability does not affect system integrity or availability, the confidentiality breach can have serious consequences, including regulatory non-compliance (e.g., GDPR, HIPAA), reputational damage, and potential exploitation for further attacks if sensitive information is leveraged. Because exploitation requires local access with low privileges, the threat is more relevant in environments where multiple users share systems, or where malicious applications can be installed or executed by non-privileged users. Enterprises and organizations with sensitive data on macOS devices are at risk if they do not apply the patch. The absence of known exploits in the wild reduces immediate risk but does not eliminate the threat, as attackers may develop exploits over time.

1. Upgrade all affected macOS systems to macOS Sequoia 15.2 or later, where the vulnerability is fixed with improved private data redaction. 2. Restrict local user privileges and enforce strict application installation policies to minimize the risk of malicious or unauthorized apps gaining local access. 3. Monitor system logs and audit access to sensitive data to detect any anomalous behavior or unauthorized access attempts. 4. Employ endpoint protection solutions that can detect suspicious local activity or privilege escalation attempts. 5. Educate users about the risks of installing untrusted applications and enforce strong security policies for device usage. 6. For environments with shared systems, consider additional isolation mechanisms such as containerization or virtualization to limit access to sensitive logs. 7. Regularly review and update security configurations and patch management processes to ensure timely application of security updates.