Lucene search
HistoryJul 29, 2024 - 11:15 p.m.
CVE-2024-27871
path handling validation
macos sonoma 14.6
ios 17.6
ipados 17.6
protected user data access
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
16.2%
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6. An app may be able to access protected user data.
Affected configurations
Node
appleipadosRange<17.6
ORappleiphone_osRange<17.6
ORapplemacosRange<14.6
Related
cvelist
cvelist
CVE-2024-27871
2024-07-29 22:17:22
cve
cve
CVE-2024-27871
2024-07-29 23:15:10
vulnrichment
vulnrichment
CVE-2024-27871
2024-07-29 22:17:22
apple
apple
About the security content of iOS 17.6 and iPadOS 17.6
2024-07-29 00:00:00
About the security content of macOS Sonoma 14.6
2024-07-29 00:00:00
openvas
openvas
Apple MacOSX Security Update (HT214119)
2024-07-30 00:00:00
nessus
nessus
macOS 14.x < 14.6 Multiple Vulnerabilities (HT214119)
2024-07-29 00:00:00
macOS 14.x < 14.6 Multiple Vulnerabilities (120911)
2024-09-13 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
16.2%
Related for NVD:CVE-2024-27871