CVE-2024-40834 Information

Description

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.6 macOS Monterey 12.7.6 macOS Ventura 13.6.8. A shortcut may be able to bypass sensitive Shortcuts app settings.

Reference

https://support.apple.com/en-us/HT214120 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214118 http://seclists.org/fulldisclosure/2024/Jul/20 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19