CVE-2024-40825

MEDIUM Year: 2024
CVSS v3 Score
6.0
Medium
Weakness Type
CWE-284
View all →

Vulnerability Description

The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files.

Related Vulnerabilities

CVE-2020-3503

MEDIUM
CVSS:6.0(Medium)

A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vuln...

CWE-2842020

CVE-2021-34724

MEDIUM
CVSS:6.0(Medium)

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root use...

CWE-2842021

CVE-2023-31346

MEDIUM
CVSS:6.0(Medium)

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.

CWE-2842023

CVE-2024-28016

MEDIUM
CVSS:6.0(Medium)

Improper Access Controlvulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, ...

CWE-2842024

CVE-2024-30211

MEDIUM
CVSS:6.0(Medium)

Improper access control in some Intel(R) ME driver pack installer engines before version 2422.6.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-2842024

CVE-2025-21573

MEDIUM
CVSS:6.0(Medium)

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Chatbot). Supported versions that are affected are 5.1.0.0.0...

CWE-2842025