CVE-2024-40795

EUVD-2024-38636
This issue was addressed with improved data protection. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to read sensitive location information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CISA-ADPADP
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
appleipados
𝑥
< 17.6
appleiphone_os
𝑥
< 17.6
applemacos
𝑥
< 14.6
appletvos
𝑥
< 17.6
applewatchos
𝑥
< 10.6
𝑥
= Vulnerable software versions
References
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
https://support.apple.com/en-us/HT214117
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214122
https://support.apple.com/en-us/HT214124
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
https://support.apple.com/en-us/HT214117
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214122
https://support.apple.com/en-us/HT214124
https://support.apple.com/kb/HT214117
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214122
https://support.apple.com/kb/HT214124