7.7
CVE-2024-40824
- EPSS 0.28%
- Veröffentlicht 29.07.2024 23:15:13
- Zuletzt bearbeitet 02.04.2026 19:17:51
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.196 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.7 | 2.5 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-281 Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
http://seclists.org/fulldisclosure/2024/Jul/18
https://support.apple.com/kb/HT214119
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
https://support.apple.com/kb/HT214117
https://support.apple.com/kb/HT214122
https://support.apple.com/kb/HT214124
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214117
https://support.apple.com/en-us/HT214122
https://support.apple.com/en-us/HT214124
https://support.apple.com/en-us/120911
https://support.apple.com/en-us/120909
https://support.apple.com/en-us/120914
https://support.apple.com/en-us/120916