CVE-2024-27830

This issue was addressed through improved state management. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously crafted webpage may be able to fingerprint the user.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/120896
https://support.apple.com/en-us/120901
https://support.apple.com/en-us/120902
https://support.apple.com/en-us/120903
https://support.apple.com/en-us/120905
https://support.apple.com/en-us/120906
http://seclists.org/fulldisclosure/2024/Jun/5	Mailing List Third Party Advisory
https://support.apple.com/en-us/HT214101	Vendor Advisory
https://support.apple.com/en-us/HT214102	Vendor Advisory
https://support.apple.com/en-us/HT214103	Vendor Advisory
https://support.apple.com/en-us/HT214104	Vendor Advisory
https://support.apple.com/en-us/HT214106	Vendor Advisory
https://support.apple.com/en-us/HT214108	Vendor Advisory
https://support.apple.com/kb/HT214102
https://support.apple.com/kb/HT214104
https://support.apple.com/kb/HT214106
https://support.apple.com/kb/HT214108

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

02 Apr 2026, 19:17

Type	Values Removed	Values Added
References		() https://support.apple.com/en-us/120896 - () https://support.apple.com/en-us/120901 - () https://support.apple.com/en-us/120902 - () https://support.apple.com/en-us/120903 - () https://support.apple.com/en-us/120905 - () https://support.apple.com/en-us/120906 -
Summary	(en) This issue was addressed through improved state management. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.	(en) This issue was addressed through improved state management. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously crafted webpage may be able to fingerprint the user.

04 Nov 2025, 18:16

Type	Values Removed	Values Added
References		() https://support.apple.com/kb/HT214102 - () https://support.apple.com/kb/HT214104 - () https://support.apple.com/kb/HT214106 - () https://support.apple.com/kb/HT214108 -

21 Nov 2024, 09:05

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2024/Jun/5 - Mailing List, Third Party Advisory~~	() http://seclists.org/fulldisclosure/2024/Jun/5 - Mailing List, Third Party Advisory
References	~~() https://support.apple.com/en-us/HT214101 - Vendor Advisory~~	() https://support.apple.com/en-us/HT214101 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214102 - Vendor Advisory~~	() https://support.apple.com/en-us/HT214102 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214103 - Vendor Advisory~~	() https://support.apple.com/en-us/HT214103 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214104 - Vendor Advisory~~	() https://support.apple.com/en-us/HT214104 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214106 - Vendor Advisory~~	() https://support.apple.com/en-us/HT214106 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214108 - Vendor Advisory~~	() https://support.apple.com/en-us/HT214108 - Vendor Advisory

27 Jun 2024, 18:10

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2024/Jun/5 -~~	() http://seclists.org/fulldisclosure/2024/Jun/5 - Mailing List, Third Party Advisory
References	~~() https://support.apple.com/en-us/HT214101 -~~	() https://support.apple.com/en-us/HT214101 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214102 -~~	() https://support.apple.com/en-us/HT214102 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214103 -~~	() https://support.apple.com/en-us/HT214103 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214104 -~~	() https://support.apple.com/en-us/HT214104 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214106 -~~	() https://support.apple.com/en-us/HT214106 - Vendor Advisory
References	~~() https://support.apple.com/en-us/HT214108 -~~	() https://support.apple.com/en-us/HT214108 - Vendor Advisory
First Time		Apple iphone Os Apple macos Apple tvos Apple ipados Apple Apple visionos Apple watchos Apple safari
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
CPE		cpe:2.3:a:apple:safari:::::::: cpe:2.3:o:apple:watchos:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:tvos:::::::: cpe:2.3:o:apple:macos:::::::: cpe:2.3:o:apple:visionos::::::::

12 Jun 2024, 04:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2024/Jun/5 -

11 Jun 2024, 13:54

Type	Values Removed	Values Added
Summary		(es) Esta cuestión se abordó mediante una mejora de gestión de estado. Este problema se solucionó en tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 y iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Una página web creada con fines malintencionados puede tomar huellas digitales del usuario.

10 Jun 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-10 21:15

Updated : 2026-04-02 19:17

NVD link : CVE-2024-27830

Mitre link : CVE-2024-27830

CVE.ORG link : CVE-2024-27830

JSON object : View

Products Affected

apple

ipados
tvos
watchos
safari
visionos
macos
iphone_os

CWE

NVD-CWE-noinfo

6.5 /10