Access Control Vulnerability in Apple Products
CVE-2024-54526

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Watch OS; iPad OS; TV OS; iPhone OS
Vendor: CVE Published:; 12 December 2024

Summary

A security issue has been identified in certain Apple products that could allow an unauthorized malicious app to access users' private information. This vulnerability has been mitigated in the latest updates, which enhance the existing checks to prevent unauthorized access. Users are encouraged to update their devices to the latest versions to ensure adequate protection against potential exploitation.

References

https://support.apple.com/en-us/121837

https://support.apple.com/en-us/121839

https://support.apple.com/en-us/121840

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2024