CVE-2024-40836
CVE-2024-40836
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.5EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
29 jul 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, watchOS 10.6. A shortcut may be able to use sensitive data with certain actions without prompting the user.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Referencias
http://seclists.org/fulldisclosure/2024/Jul/16http://seclists.org/fulldisclosure/2024/Jul/17http://seclists.org/fulldisclosure/2024/Jul/18http://seclists.org/fulldisclosure/2024/Jul/21https://support.apple.com/en-us/120908https://support.apple.com/en-us/120909https://support.apple.com/en-us/120911https://support.apple.com/en-us/120916https://support.apple.com/en-us/HT214116https://support.apple.com/en-us/HT214117https://support.apple.com/en-us/HT214119https://support.apple.com/en-us/HT214124