CVE-2024-44197 - Vulnerability Details

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to cause unexpected system termination or corrupt kernel memory.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Apple	Macos

Configuration 1 [-]

OR	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::

No data.

References

Link	Providers
http://seclists.org/fulldisclosure/2024/Oct/11
http://seclists.org/fulldisclosure/2024/Oct/12
http://seclists.org/fulldisclosure/2024/Oct/13
https://support.apple.com/en-us/121564
https://support.apple.com/en-us/121568
https://support.apple.com/en-us/121570

History

Thu, 02 Apr 2026 20:30:00 +0000

Type	Values Removed	Values Added
Description	The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service.	The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
References		https://support.apple.com/en-us/121564

Mon, 03 Nov 2025 22:30:00 +0000

Type	Values Removed	Values Added
References		http://seclists.org/fulldisclosure/2024/Oct/11 http://seclists.org/fulldisclosure/2024/Oct/12 http://seclists.org/fulldisclosure/2024/Oct/13

Mon, 14 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.0004}`	epss `{'score': 0.00047}`

Thu, 14 Nov 2024 02:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple macos
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:o:apple:macos::::::::
Vendors & Products		Apple Apple macos

Wed, 30 Oct 2024 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 2.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 28 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Description		The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service.
References		https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-10-28T21:08:17.028Z

Updated: 2026-04-02T18:18:55.929Z

Reserved: 2024-08-20T21:42:05.936Z

Link: CVE-2024-44197

Vulnrichment

Updated: 2025-11-03T22:08:01.349Z

NVD

Status : Modified

Published: 2024-10-28T21:15:05.917

Modified: 2026-04-02T19:18:19.197

Link: CVE-2024-44197

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object