{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-23275", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2024-01-12T22:22:21.498Z", "datePublished": "2024-03-08T01:36:18.366Z", "dateUpdated": "2026-04-02T18:26:30.450Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to access protected user data"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "12.7.4", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "13.6.5", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "14.4", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A race condition was addressed with additional validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to access protected user data."}], "references": [{"url": "https://support.apple.com/en-us/120884"}, {"url": "https://support.apple.com/en-us/120886"}, {"url": "https://support.apple.com/en-us/120895"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:26:30.450Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-362", "lang": "en", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-03-12T18:13:13.376117Z", "id": "CVE-2024-23275", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-27T14:29:34.074Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214083", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214085", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214084", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/21", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/22", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/23", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214085"}, {"url": "https://support.apple.com/kb/HT214084"}, {"url": "https://support.apple.com/kb/HT214083"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T18:27:17.816Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214083", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214085", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214084", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/21", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/22", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/23", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT214085"}, {"url": "https://support.apple.com/kb/HT214084"}, {"url": "https://support.apple.com/kb/HT214083"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T18:27:17.816Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-23275", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-12T18:13:13.376117Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-362", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:41.790Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "0", "lessThan": "12.7.4", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "13.6.5", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "14.4", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/120884"}, {"url": "https://support.apple.com/en-us/120886"}, {"url": "https://support.apple.com/en-us/120895"}], "descriptions": [{"lang": "en", "value": "A race condition was addressed with additional validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to access protected user data."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to access protected user data"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:26:30.450Z"}}}, "cveMetadata": {"cveId": "CVE-2024-23275", "state": "PUBLISHED", "dateUpdated": "2026-04-02T18:26:30.450Z", "dateReserved": "2024-01-12T22:22:21.498Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2024-03-08T01:36:18.366Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "079C046D-9CEF-4B49-B1BB-D0376801198D", "versionEndExcluding": "12.7.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "69C4F06A-061F-46B3-8BB7-5C9B47C00956", "versionEndExcluding": "13.6.5", "versionStartIncluding": "13.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "73160D1F-755B-46D2-969F-DF8E43BB1099", "versionEndExcluding": "14.4", "versionStartIncluding": "14.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A race condition was addressed with additional validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to access protected user data."}, {"lang": "es", "value": "Se abord\u00f3 una condici\u00f3n de ejecuci\u00f3n con validaci\u00f3n adicional. Este problema se solucion\u00f3 en macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Es posible que una aplicaci\u00f3n pueda acceder a datos de usuario protegidos."}], "id": "CVE-2024-23275", "lastModified": "2026-04-02T19:17:11.767", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-08T02:15:49.510", "references": [{"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/120884"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/120886"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/120895"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://seclists.org/fulldisclosure/2024/Mar/21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://seclists.org/fulldisclosure/2024/Mar/22"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://seclists.org/fulldisclosure/2024/Mar/23"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214083"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214084"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214085"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214083"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214084"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/kb/HT214085"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-362"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}