CVE-2024-23245

Published: Mar 8, 2024

Modified: Apr 2, 2026

PUBLISHED

Description

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.

Vendor	Product	Versions
Apple	macOS	affected `0 - < 12.7.4` affected `0 - < 13.6.5` affected `0 - < 14.4`

References

https://support.apple.com/en-us/120884

https://support.apple.com/en-us/120886

https://support.apple.com/en-us/120895

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-23245

Description

Affected Products

References