CVE-2024-10183

Oct. 23, 2024, 3:12 p.m.

Tags

CWE-276
67325c3f-c596-46c5-a235-e1a1e73abe4e
2024-10-22
CVE-2024-10183

Product(s) Impacted

Jamf Pro

Description

A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems.

Weaknesses

CWE-276
Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

CWE ID: 276

Date

Published: Oct. 22, 2024, 6:15 p.m.

Last Modified: Oct. 23, 2024, 3:12 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

67325c3f-c596-46c5-a235-e1a1e73abe4e

References

https://learn.jamf.com/en-US/bundle/jamf-remote-assist-release-notes/page/Jamf_Remote_Assist_Release_History.html#ariaid-title4
67325c3f-c596-46c5-a235-e1a1e73abe4e