iOS and iPadOS Update Fixes Logic Issue, Addresses Saved Passwords Being Read Aloud by VoiceOver

CVE-2024-44204

5.5MEDIUM

Key Information

Vendor: Apple
Status: iPhone OS; iPad OS
Vendor: CVE Published:; 4 October 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver.

News Articles

Nicolas Coolman

CVE-2024-44204CVE-2024-44207

Apple, 2 Critical Security Flaws in iOS and iPadOS Products - ZAM

Apple Security Bulletin 121373, released on October 3, 2024, provides information on fixes for multiple critical vulnerabilities in versions prior to

2 months ago

CVE-2024-44204

iPhone 'VoiceOver' Feature Could Read Passwords Aloud

CVE-2024-44204 is one of two new Apple iOS security vulnerabilities that showcase an unexpected coming together of privacy snafus and accessibility features.

2 months ago

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit exists.
Oct 5, 2024
First article discovered by null
Oct 4, 2024
Vulnerability published.
Oct 4, 2024

Collectors

NVD Database2 News Article(s)