Lucene search
PRIOn knowledge basePRION:CVE-2024-23204HistoryJan 23, 2024 - 1:15 a.m.
Design/Logic Flaw
2024-01-2301:15:00
PRIOn knowledge base
www.prio-n.com
6
design/logic flaw
additional permissions
macos sonoma 14.3
watchos 10.3
ios 17.3
ipados 17.3
sensitive data
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.
References
seclists.org/fulldisclosure/2024/Jan/33
seclists.org/fulldisclosure/2024/Jan/36
seclists.org/fulldisclosure/2024/Jan/39
seclists.org/fulldisclosure/2024/Mar/22
seclists.org/fulldisclosure/2024/Mar/23
support.apple.com/en-us/HT214059
support.apple.com/en-us/HT214060
support.apple.com/en-us/HT214061
support.apple.com/kb/HT214082
support.apple.com/kb/HT214083
support.apple.com/kb/HT214085
Related
cve
cve
CVE-2024-23204
2024-01-23 01:15:10
cvelist
cvelist
CVE-2024-23204
2024-01-23 00:25:30
hivepro
hivepro
Apple Shortcutsβ Secret Threat to Your Data
2024-02-27 07:17:17
nvd
nvd
CVE-2024-23204
2024-01-23 01:15:10
thn
thn
Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability
2024-02-23 05:05:00
apple
apple
About the security content of watchOS 10.3
2024-01-22 00:00:00
About the security content of iOS 16.7.6 and iPadOS 16.7.6
2024-03-05 00:00:00
About the security content of iOS 17.3 and iPadOS 17.3
2024-01-22 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT214061)
2024-01-23 00:00:00
Apple Mac OS X Security Update (HT214083)
2024-03-22 00:00:00
Apple Mac OS X Security Update (HT214085)
2024-03-22 00:00:00
nessus
nessus
macOS 14.x < 14.3 Multiple Vulnerabilities (HT214061)
2024-01-22 00:00:00
macOS 12.x < 12.7.4 Multiple Vulnerabilities (HT214083)
2024-03-07 00:00:00
macOS 13.x < 13.6.5 Multiple Vulnerabilities (HT214085)
2024-03-07 00:00:00