CVE-2024-40807

5.5 MEDIUM

📋 TL;DR

This CVE describes a logic flaw in macOS Shortcuts that allows malicious shortcuts to access sensitive user data without proper user consent prompts. It affects macOS Monterey, Ventura, and Sonoma users who run untrusted shortcuts. The vulnerability bypasses security controls designed to protect user privacy.

💻 Affected Systems

Products:
  • macOS Shortcuts
Versions: before macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8
Operating Systems: macOS Monterey, macOS Ventura, macOS Sonoma
Default Config Vulnerable: ⚠️ Yes
Notes: All standard macOS installations with Shortcuts enabled are vulnerable. The vulnerability is in the Shortcuts application itself.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...


⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could create a shortcut that silently exfiltrates sensitive data like passwords, contacts, messages, or files without user knowledge or consent.

🟠

Likely Case

Malicious shortcuts distributed through social engineering could access and misuse personal data, potentially leading to privacy violations or credential theft.

🟢

If Mitigated

With proper security awareness and only running trusted shortcuts, the risk is minimal as exploitation requires user interaction.

🌐 Internet-Facing: LOW - Exploitation requires local execution of malicious shortcuts, not network exposure.
🏢 Internal Only: MEDIUM - Internal users could be tricked into running malicious shortcuts, potentially compromising sensitive data.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user interaction to run a malicious shortcut. No public exploit code has been disclosed in the referenced advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8

Vendor Advisory: https://support.apple.com/en-us/HT214118

Restart Required: Yes

Instructions:

1. Open System Settings > General > Software Update.
2. Install the available update for your macOS version.
3. Restart your Mac when prompted.

🔧 Temporary Workarounds

Disable Shortcuts or restrict usage

all

Temporarily disable Shortcuts or only run shortcuts from trusted sources until patched.

Review and delete suspicious shortcuts

all

Check your Shortcuts library and remove any shortcuts from untrusted sources.

🧯 If You Can't Patch

  • Implement strict policies prohibiting the use of untrusted shortcuts
  • Educate users about the risks of running shortcuts from unknown sources

🔍 How to Verify

Check if Vulnerable:

Check macOS version: If running macOS Sonoma < 14.6, Monterey < 12.7.6, or Ventura < 13.6.8, you are vulnerable.

Check Version:

sw_vers

Verify Fix Applied:

After updating, verify your macOS version matches the patched versions listed above.
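The version check above, carried through as a script. This is an added example and not part of the advisory or Apple's tooling: it compares a macOS product version string against the fixed release for its major line (Monterey 12.7.6, Ventura 13.6.8, Sonoma 14.6, as listed on this page) and reports "unknown" for any major release the advisory does not cover. The function names are this example's own; `sw_vers -productVersion` is the real macOS command that supplies the live value.

```shell
#!/bin/sh
# Added example, not part of the advisory: decide whether a macOS
# product version string falls below the fixed release for its major
# line (Monterey 12.7.6, Ventura 13.6.8, Sonoma 14.6, as listed above).
# Function and variable names are this example's own.

# vercmp A B  -> prints "lt" if A < B, else "ge".
# Each version is split into three numeric fields; a missing field is
# treated as 0, so "14.6" compares equal to "14.6.0".
vercmp() {
  set -- $(printf '%s\n' "$1" | awk -F. '{ printf "%d %d %d\n", $1, $2, $3 }') \
         $(printf '%s\n' "$2" | awk -F. '{ printf "%d %d %d\n", $1, $2, $3 }')
  # $1-$3 are A's fields, $4-$6 are B's fields.
  if [ "$1" -lt "$4" ]; then echo lt; return 0; fi
  if [ "$1" -gt "$4" ]; then echo ge; return 0; fi
  if [ "$2" -lt "$5" ]; then echo lt; return 0; fi
  if [ "$2" -gt "$5" ]; then echo ge; return 0; fi
  if [ "$3" -lt "$6" ]; then echo lt; return 0; fi
  echo ge
}

# cve_2024_40807_status VERSION -> prints "vulnerable", "patched" or
# "unknown" (a major release this advisory does not list). Exit status:
# 0 patched, 1 vulnerable, 2 unknown, so it can drive an `if`.
cve_2024_40807_status() {
  case ${1%%.*} in
    12) fixed=12.7.6 ;;
    13) fixed=13.6.8 ;;
    14) fixed=14.6 ;;
    *)  echo unknown; return 2 ;;
  esac
  if [ "$(vercmp "$1" "$fixed")" = lt ]; then
    echo vulnerable
    return 1
  fi
  echo patched
  return 0
}

# On the Mac being checked, feed it the live value from sw_vers:
#   cve_2024_40807_status "$(sw_vers -productVersion)"
# Elsewhere, pass a version string directly, e.g.:
#   cve_2024_40807_status 14.5      # -> vulnerable
#   cve_2024_40807_status 13.6.8    # -> patched
```

A later minor release on the same line (for example 13.7) compares as greater than the fixed version and is reported as patched; a major line the advisory does not name is deliberately reported as unknown rather than assumed safe, so fleet-wide checks surface machines that need a separate look.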

📡 Detection & Monitoring

Log Indicators:

  • Unusual shortcut execution patterns
  • Shortcuts accessing sensitive data locations

Network Indicators:

  • Unexpected outbound connections following shortcut execution

SIEM Query:

Search for Shortcuts app execution events followed by file access to sensitive directories or network connections.
