5.5

CVE-2024-40793

EPSS 0.01%
Veröffentlicht 29.07.2024 23:15:12
Zuletzt bearbeitet 04.11.2025 18:16:35
Quelle product-security@apple.com
CVE-Watchlists
Login
Unerledigt
Login

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, macOS Sonoma 14.6. An app may be able to access user-sensitive data.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 21

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ iPadOS Version < 16.7.9

Apple ≫ iPadOS Version >= 17.0 < 17.6

Apple ≫ iPhone OS Version < 16.7.9

Apple ≫ iPhone OS Version >= 17.0 < 17.6

Apple ≫ macOS Version < 12.7.6

Apple ≫ macOS Version >= 13.0 < 13.6.8

Apple ≫ macOS Version >= 14.0 < 14.6

Apple ≫ watchOS Version < 10.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.015

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://seclists.org/fulldisclosure/2024/Jul/18

Third Party Advisory

Mailing List

https://support.apple.com/kb/HT214119

http://seclists.org/fulldisclosure/2024/Jul/16

Third Party Advisory

Mailing List

http://seclists.org/fulldisclosure/2024/Jul/17

Third Party Advisory

Mailing List

http://seclists.org/fulldisclosure/2024/Jul/19

Third Party Advisory

Mailing List

http://seclists.org/fulldisclosure/2024/Jul/20

Third Party Advisory

Mailing List

http://seclists.org/fulldisclosure/2024/Jul/21

Third Party Advisory

Mailing List

https://support.apple.com/kb/HT214116

https://support.apple.com/kb/HT214117

https://support.apple.com/kb/HT214118

https://support.apple.com/kb/HT214120

https://support.apple.com/kb/HT214124

https://support.apple.com/en-us/HT214118

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214120

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214119

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214117

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214124

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT214116

Vendor Advisory

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2024-40793

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-40793

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-40793

EUVD