CVE-2024-4395

June 27, 2024, 10:15 p.m.

Tags

2024-06-27

CVE-2024-4395

67325c3f-c596-46c5-a235-e1a1e73abe4e

Product(s) Impacted

Jamf Compliance Editor

before 1.3.1

Description

The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege escalation.

Weaknesses

Date

Published: June 27, 2024, 10:15 p.m.

Last Modified: June 27, 2024, 10:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

67325c3f-c596-46c5-a235-e1a1e73abe4e

References

https://github.com/Jamf-Concepts/jamf-compliance-editor/raw/v1.3.1/Jamf%20Compliance%20Editor%20-%20User%20Guide.pdf

67325c3f-c596-46c5-a235-e1a1e73abe4e

https://github.com/Jamf-Concepts/jamf-compliance-editor/releases/download/v1.3.1/JamfComplianceEditor.v1.3.1.pkg

67325c3f-c596-46c5-a235-e1a1e73abe4e

https://khronokernel.com/macos/2024/05/01/CVE-2024-4395.html

67325c3f-c596-46c5-a235-e1a1e73abe4e

https://trusted.jamf.com/docs/establishing-compliance-baselines#support

67325c3f-c596-46c5-a235-e1a1e73abe4e