CVE-2024-23245
Summary
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.
- LOW
- LOCAL
- LOW
- UNCHANGED
- REQUIRED
- NONE
- NONE
- NONE
References
Advisory Timeline
- Published
