Sensitive Information Exposure in Apple iOS and iPadOS
CVE-2024-44200

3.3LOW

Key Information:

Vendor: Apple
Status: iPad OS; iPhone OS
Vendor: CVE Published:; 12 December 2024

What is CVE-2024-44200?

A vulnerability has been identified in Apple’s iOS and iPadOS that allows apps to potentially access sensitive location information. The issue has been mitigated through enhanced redaction mechanisms, ensuring that sensitive data is not exposed improperly. Users should upgrade to iOS 18.1 or iPadOS 18.1 to benefit from these improvements and protect their data.

References

https://support.apple.com/en-us/121563

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2024