CVE-2024-44273 Information
Nov 01, 2024
cve
Description
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1 visionOS 2.1 macOS Sonoma 14.7.1 watchOS 11.1 tvOS 18.1. A malicious app may be able to access private information.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Reference
https://support.apple.com/en-us/121570 https://support.apple.com/en-us/121566 https://support.apple.com/en-us/121569 https://support.apple.com/en-us/121565 https://support.apple.com/en-us/121563
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
5.5
Share on: