6.2

CVE-2024-40833

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user.

Data is provided by the National Vulnerability Database (NVD)
AppleiPadOS Version < 16.7.9
AppleiPhone OS Version < 16.7.9
ApplemacOS Version < 12.7.6
ApplemacOS Version >= 13.0 < 13.6.8
ApplemacOS Version >= 14.0 < 14.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.055
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.2 2.5 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
http://seclists.org/fulldisclosure/2024/Jul/18
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/17
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/19
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/20
Third Party Advisory
Mailing List
https://support.apple.com/en-us/HT214118
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214120
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214119
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214116
Vendor Advisory
Release Notes