CVE-2024-40824

EUVD-2024-38662
This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
appleipados
𝑥
< 17.6
appleiphone_os
𝑥
< 17.6
applemacos
14.0 ≤
𝑥
< 14.6
appletvos
𝑥
< 17.6
applewatchos
𝑥
< 10.6
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
appleiphone_os
𝑥
< 17.6
ADP
appleipad_os
𝑥
< 17.6
ADP
applewatchos
𝑥
< 10.6
ADP
appletvos
𝑥
< 17.6
ADP
applemacos
14.0 ≤
𝑥
< 14.6
ADP
Common Weakness Enumeration
References
https://support.apple.com/en-us/120909
https://support.apple.com/en-us/120911
https://support.apple.com/en-us/120914
https://support.apple.com/en-us/120916
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
https://support.apple.com/en-us/HT214117
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214122
https://support.apple.com/en-us/HT214124
https://support.apple.com/kb/HT214117
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214122
https://support.apple.com/kb/HT214124