[email protected]NVD:CVE-2024-23235

HistoryMar 08, 2024 - 2:15 a.m.

CVE-2024-23235

2024-03-0802:15:47

[email protected]

web.nvd.nist.gov

cve-2024-23235

race condition

macos sonoma 14.4

visionos 1.1

ios 17.4

ipados 17.4

watchos 10.4

tvos 17.4

user-sensitive data access

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to access user-sensitive data.

References

seclists.org/fulldisclosure/2024/Mar/21

seclists.org/fulldisclosure/2024/Mar/24

seclists.org/fulldisclosure/2024/Mar/25

seclists.org/fulldisclosure/2024/Mar/26

support.apple.com/en-us/HT214081

support.apple.com/en-us/HT214082

support.apple.com/en-us/HT214084

support.apple.com/en-us/HT214086

support.apple.com/en-us/HT214087

support.apple.com/en-us/HT214088