Lucene search

[email protected]NVD:CVE-2024-40790

HistorySep 17, 2024 - 12:15 a.m.

CVE-2024-40790

2024-09-1700:15:48

[email protected]

web.nvd.nist.gov

cache handling

visionos 2

gpu memory security

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

9.6%

JSON

The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory.

Affected configurations

Nvd

Node

applevisionosRange<2.0

VendorProductVersionCPE
applevisionos*cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	visionos	*	cpe:2.3:o:apple:visionos::::::::

References

support.apple.com/en-us/121249

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

9.6%

JSON

Related for NVD:CVE-2024-40790

vulnrichment1 cve1 cvelist1