CVE-2024-54492

EUVD-2024-52592
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
appleipados
𝑥
< 17.7.3
appleipados
18.0 ≤
𝑥
< 18.2
appleiphone_os
𝑥
< 18.2
applemacos
𝑥
< 15.2
applevisionos
𝑥
< 2.2
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/121837
https://support.apple.com/en-us/121838
https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121845
http://seclists.org/fulldisclosure/2024/Dec/12
http://seclists.org/fulldisclosure/2024/Dec/6
http://seclists.org/fulldisclosure/2024/Dec/7