Lucene search
HistoryMar 08, 2024 - 2:15 a.m.
CVE-2024-23235
cve-2024-23235
security
macos
ios
ipados
watchos
tvos
vulnerability
data access
nvd
A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to access user-sensitive data.
Affected configurations
Node
applevisionosRange<1.1
ORappletvosRange<17.4
ORappleiphone_osRange<17.4
ORappleipad_osRange<17.4
ORappleiphone_osRange<16.7
ORappleipad_osRange<16.7
ORapplemacosRange<14.4
ORapplewatchosRange<10.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | visionos | * | cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* |
| apple | tvos | * | cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* |
| apple | iphone_os | * | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
| apple | ipad_os | * | cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* |
| apple | iphone_os | * | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
| apple | ipad_os | * | cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* |
| apple | macos | * | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
| apple | watchos | * | cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Apple",
"product": "visionOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "1.1",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "tvOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "17.4",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "iOS and iPadOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "17.4",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "iOS and iPadOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "16.7",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "14.4",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "watchOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "10.4",
"versionType": "custom"
}
]
}
]References
seclists.org/fulldisclosure/2024/Mar/21
seclists.org/fulldisclosure/2024/Mar/24
seclists.org/fulldisclosure/2024/Mar/25
seclists.org/fulldisclosure/2024/Mar/26
support.apple.com/en-us/HT214081
support.apple.com/en-us/HT214082
support.apple.com/en-us/HT214084
support.apple.com/en-us/HT214086
support.apple.com/en-us/HT214087
support.apple.com/en-us/HT214088
Related
prion
prion
Race condition
2024-03-08 02:15:00
cvelist
cvelist
CVE-2024-23235
2024-03-08 01:36:04
nvd
nvd
CVE-2024-23235
2024-03-08 02:15:47
apple
apple
About the security content of visionOS 1.1
2024-03-07 00:00:00
About the security content of iOS 16.7.6 and iPadOS 16.7.6
2024-03-05 00:00:00
About the security content of watchOS 10.4
2024-03-07 00:00:00
nessus
nessus
macOS 14.x < 14.4 Multiple Vulnerabilities (HT214084)
2024-03-07 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT214084)
2024-03-22 00:00:00