CVE-2024-40844
CVE-2024-40844
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
16 Sep 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to observe data displayed to the user by Shortcuts.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
http://seclists.org/fulldisclosure/2024/Sep/33http://seclists.org/fulldisclosure/2024/Sep/39http://seclists.org/fulldisclosure/2024/Sep/40http://seclists.org/fulldisclosure/2024/Sep/41https://support.apple.com/en-us/121234https://support.apple.com/en-us/121238https://support.apple.com/en-us/121246https://support.apple.com/en-us/121247