Lucene search

K
vulnrichmentAppleVULNRICHMENT:CVE-2024-27839
HistoryMay 13, 2024 - 11:00 p.m.

CVE-2024-27839

2024-05-1323:00:50
apple
github.com
7
privacy issue
sensitive data
secure location
ios 17.5
ipados 17.5
malicious application
user location

AI Score

5.5

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 17.5 and iPadOS 17.5. A malicious application may be able to determine a user’s current location.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "iphone_os",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "ipad_os",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

AI Score

5.5

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2024-27839