Sensitive Information Exposure in Apple Products
CVE-2024-23210

3.3LOW

Key Information:

Vendor: Apple
Status: iOS And iPad OS; TV OS; Watch OS; Mac OS
Vendor: CVE Published:; 23 January 2024

What is CVE-2024-23210?

This vulnerability allows apps to potentially access sensitive user information, such as phone numbers, from system logs due to inadequate redaction. This can lead to privacy concerns where unauthorized applications gain insight into personal data. Apple has addressed this issue in the latest updates for all its operating systems including iOS, macOS, watchOS, tvOS, and iPadOS, highlighting the importance of regular updates to safeguard user privacy.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

iOS and iPadOS < 17.3

macOS < 14.3

tvOS < 17.3

References

https://support.apple.com/en-us/HT214059

https://support.apple.com/en-us/HT214055

https://support.apple.com/en-us/HT214060

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 23, 2024
Vulnerability Reserved
Jan 12, 2024

JSON

Apple