CVE-2024-40791

CVSS 3.3 LOWEPSS 0.2%CWE-532

Vexday Risk Score

8Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 3.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

16 sep 2024Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to access information about a user's contacts.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Productos afectados

Apple · iOS and iPadOS Apple · macOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://seclists.org/fulldisclosure/2024/Sep/32 http://seclists.org/fulldisclosure/2024/Sep/33 http://seclists.org/fulldisclosure/2024/Sep/39 http://seclists.org/fulldisclosure/2024/Sep/40 http://seclists.org/fulldisclosure/2024/Sep/41 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121246 https://support.apple.com/en-us/121247 https://support.apple.com/en-us/121250