CVE-2024-44303
Published: 02 April 2026
Summary
CVE-2024-44303 is a high-severity Improper Access Control (CWE-284) vulnerability in Apple Macos. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 26.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SC-2 (Separation of System and User Functionality).
Deeper analysis
CVE-2024-44303 is a vulnerability in macOS that allows a malicious application to modify protected parts of the file system. The issue stems from insufficient checks, as indicated by its association with CWE-284 (Improper Access Control). It affects macOS versions prior to Sequoia 15.1 and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), rated as High severity due to its network accessibility, low attack complexity, lack of required privileges or user interaction, and high confidentiality impact.
An unauthenticated attacker can exploit this vulnerability remotely over the network with no privileges or user interaction required. By leveraging the flaw, the attacker can execute a malicious application that modifies protected file system areas, potentially leading to unauthorized data access or manipulation consistent with the high confidentiality impact in the CVSS score.
Apple's advisory at https://support.apple.com/en-us/121564 states that the issue was addressed with improved checks and is fixed in macOS Sequoia 15.1. Security practitioners should ensure systems are updated to this version or later to mitigate the vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-55530
Vulnerability details
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1. A malicious application may be able to modify protected parts of the file system.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability enables unauthorized modification of protected macOS file system areas via improper access control, directly facilitating stored data manipulation and exploitation for privilege escalation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
AC-3 enforces approved authorizations for access to system resources, directly addressing the improper access control that allowed malicious applications to modify protected file system areas.
SI-2 requires timely flaw remediation through patching to macOS Sequoia 15.1 or later, implementing the improved checks that fix CVE-2024-44303.
SC-2 separates system and user functionality into distinct domains, preventing malicious applications from accessing or modifying protected file system parts.