CVE-2024-54537: An app may be able to read and write files outside of its sandbox in Apple macOS
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to read and write files outside of its sandbox.
AI Analysis
Technical Summary
This vulnerability in Apple macOS allows an application to bypass sandbox restrictions and access files outside its designated sandbox environment. The issue arises from insufficient entitlement checks, which Apple has corrected in recent macOS updates. The flaw affects multiple macOS versions prior to the specified patched releases. The CVSS 3.1 vector indicates the attack requires local access with low complexity, no privileges, and user interaction, impacting confidentiality and integrity with high severity.
Potential Impact
An attacker with local access and the ability to trick a user into interacting with a malicious app could read and modify files outside the app's sandbox, potentially leading to unauthorized data access and data integrity compromise. There is no indication of availability impact or known exploitation in the wild.
Mitigation Recommendations
Apply the official patches provided by Apple by updating to macOS Sequoia 15.2, macOS Sonoma 14.7.2, or macOS Ventura 13.7.2 or later. These updates include additional entitlement checks that resolve the vulnerability. No other mitigation steps are indicated by the vendor advisory.
CVE-2024-54537: An app may be able to read and write files outside of its sandbox in Apple macOS
Description
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to read and write files outside of its sandbox.
CVSS v3.1
Score 7.1high
Affected software
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in Apple macOS allows an application to bypass sandbox restrictions and access files outside its designated sandbox environment. The issue arises from insufficient entitlement checks, which Apple has corrected in recent macOS updates. The flaw affects multiple macOS versions prior to the specified patched releases. The CVSS 3.1 vector indicates the attack requires local access with low complexity, no privileges, and user interaction, impacting confidentiality and integrity with high severity.
Potential Impact
An attacker with local access and the ability to trick a user into interacting with a malicious app could read and modify files outside the app's sandbox, potentially leading to unauthorized data access and data integrity compromise. There is no indication of availability impact or known exploitation in the wild.
Mitigation Recommendations
Apply the official patches provided by Apple by updating to macOS Sequoia 15.2, macOS Sonoma 14.7.2, or macOS Ventura 13.7.2 or later. These updates include additional entitlement checks that resolve the vulnerability. No other mitigation steps are indicated by the vendor advisory.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2024-12-03T22:50:35.511Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69ceb833e6bfc5ba1df6ee46
Added to database: 04/02/2026, 18:40:51 UTC
Last enriched: 05/21/2026, 15:07:17 UTC
Last updated: 07/04/2026, 20:51:18 UTC
Views: 83
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.