Privilege escalation vulnerability in CoreBluetooth - LE in Apple Mac OS - CVE-2024-23250ID: oval:org.secpod.oval:def:98337 | Date: (C)2024-03-08 (M)2024-03-14 |
Class: VULNERABILITY | Family: macos |
The host is installed with Apple Mac OS 14 before 14.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle issues in improved access restrictions. On successful exploitation, an app may be able to access bluetooth-connected microphones without user permission.