CVE-2024-40809

2024-07-2922:17:23

apple

github.com

cve-2024-40809

logic issue

ios 16.7.9

ipados 16.7.9

macos ventura 13.6.8

macos monterey 12.7.6

watchos 10.6

visionos 1.3

macos sonoma 14.6

internet permission bypass

AI Score

5.5

Confidence

Low

EPSS

Percentile

10.6%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, visionOS 1.3, macOS Sonoma 14.6. A shortcut may be able to bypass Internet permission requirements.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "17.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "16.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "13.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "watchOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "10.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "14.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "visionOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "1.3",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "12.7",
        "versionType": "custom"
      }
    ]
  }
]