Sensitive Data Exposure in Apple Users' Devices
CVE-2024-44254
5.5MEDIUM
Summary
This vulnerability allows an application to access sensitive user data due to improper redaction measures. It was addressed with fixes in various Apple operating systems including watchOS, macOS, and iOS. Users are encouraged to update their devices to the latest versions to ensure their information remains protected.
Affected Version(s)
iOS and iPadOS < 18.1
macOS < 14.7
macOS < 13.7
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published