CVE-2024-40791

CVSS 3.3 LOWEPSS 0.2%CWE-532

Vexday Risk Score

8Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 3.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

16 set 2024Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to access information about a user's contacts.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Produtos afetados

Apple · iOS and iPadOS Apple · macOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://seclists.org/fulldisclosure/2024/Sep/32 http://seclists.org/fulldisclosure/2024/Sep/33 http://seclists.org/fulldisclosure/2024/Sep/39 http://seclists.org/fulldisclosure/2024/Sep/40 http://seclists.org/fulldisclosure/2024/Sep/41 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121246 https://support.apple.com/en-us/121247 https://support.apple.com/en-us/121250