CVE-2024-54485

CVSS 5.5 MEDIUMEPSS 0.3%CWE-922

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

11 Dec 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

The issue was addressed by adding additional logic. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. An attacker with physical access to an iOS device may be able to view notification content from the lock screen.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Apple · iOS and iPadOS Apple · iPadOS Apple · macOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://seclists.org/fulldisclosure/2024/Dec/6 https://support.apple.com/en-us/121837 https://support.apple.com/en-us/121838 https://support.apple.com/en-us/121839