A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to access user-sensitive data.
References
Configurations
Configuration 1 (hide)
|
History
20 Dec 2024, 17:08
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Apple ipados
|
|
| CPE | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/21 - Mailing List, Third Party Advisory | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/24 - Mailing List, Third Party Advisory | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/25 - Mailing List, Third Party Advisory | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/26 - Mailing List, Third Party Advisory |
06 Dec 2024, 02:36
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* |
|
| References | () http://seclists.org/fulldisclosure/2024/Mar/21 - Mailing List | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/24 - Mailing List | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/25 - Mailing List | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/26 - Mailing List | |
| References | () https://support.apple.com/en-us/HT214081 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214082 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214084 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214086 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214087 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214088 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
| First Time |
Apple watchos
Apple visionos Apple iphone Os Apple Apple ipad Os Apple tvos Apple macos |
|
| CWE | CWE-362 |
21 Nov 2024, 08:57
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://seclists.org/fulldisclosure/2024/Mar/21 - | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/24 - | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/25 - | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/26 - | |
| References | () https://support.apple.com/en-us/HT214081 - | |
| References | () https://support.apple.com/en-us/HT214082 - | |
| References | () https://support.apple.com/en-us/HT214084 - | |
| References | () https://support.apple.com/en-us/HT214086 - | |
| References | () https://support.apple.com/en-us/HT214087 - | |
| References | () https://support.apple.com/en-us/HT214088 - |
01 Aug 2024, 13:47
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
| CWE | CWE-200 |
13 Mar 2024, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
13 Mar 2024, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
08 Mar 2024, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-08 02:15
Updated : 2024-12-20 17:08
NVD link : CVE-2024-23235
Mitre link : CVE-2024-23235
CVE.ORG link : CVE-2024-23235
JSON object : View
Products Affected
apple
- watchos
- iphone_os
- visionos
- ipados
- macos
- tvos