Sensitive Data Exposure in Apple Users' Devices
CVE-2024-44254

5.5MEDIUM

Key Information:

Vendor
Apple
Vendor
CVE Published:
28 October 2024

Summary

This vulnerability allows an application to access sensitive user data due to improper redaction measures. It was addressed with fixes in various Apple operating systems including watchOS, macOS, and iOS. Users are encouraged to update their devices to the latest versions to ensure their information remains protected.

Affected Version(s)

iOS and iPadOS < 18.1

macOS < 14.7

macOS < 13.7

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.