Medium severity5.5NVD Advisory· Published Mar 8, 2024· Updated Apr 2, 2026

CVE-2024-23285

Description

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk.

Affected products

Apple Inc./macOS
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Range: >=14.0,<14.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/HT214084nvdVendor Advisory
seclists.org/fulldisclosure/2024/Mar/21nvdMailing List
support.apple.com/en-us/120895nvd
support.apple.com/kb/HT214084nvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000