High severity7.5NVD Advisory· Published Sep 17, 2024· Updated Apr 2, 2026
CVE-2024-40848
CVE-2024-40848
Description
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An attacker may be able to read sensitive information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*range: <13.7
- (no CPE)range: <=14.6.1
Patches
Vulnerability mechanics
References
6- support.apple.com/en-us/121234nvdRelease NotesVendor Advisory
- support.apple.com/en-us/121238nvdRelease NotesVendor Advisory
- support.apple.com/en-us/121247nvdRelease NotesVendor Advisory
- seclists.org/fulldisclosure/2024/Sep/33nvd
- seclists.org/fulldisclosure/2024/Sep/40nvd
- seclists.org/fulldisclosure/2024/Sep/41nvd
News mentions
0No linked articles in our index yet.