CVE-2024-40795

EUVD-2024-38636
This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
appleipados
𝑥
< 17.6
appleiphone_os
𝑥
< 17.6
applemacos
𝑥
< 14.6
appletvos
𝑥
< 17.6
applewatchos
𝑥
< 10.6
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/120909
https://support.apple.com/en-us/120911
https://support.apple.com/en-us/120914
https://support.apple.com/en-us/120916
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
https://support.apple.com/en-us/HT214117
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214122
https://support.apple.com/en-us/HT214124
https://support.apple.com/kb/HT214117
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214122
https://support.apple.com/kb/HT214124