Unrated severityNVD Advisory· Published Dec 17, 2025· Updated Dec 18, 2025

CVE-2024-46060

Description

Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This allows a local low-privileged user to inject arbitrary commands, leading to code execution as the root user.

Affected products

Anaconda3/Anaconda3 macOS installersdescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

m8sec.dev/blog/privilege-escalation-macos-pkg-installers/mitre
www.anaconda.com/docs/getting-started/anaconda/release/2024.xmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000