← volver
CVE-2024-40836

CVE-2024-40836

CVSS 7.5 HIGHEPSS 0.6%CWE-200
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, watchOS 10.6. A shortcut may be able to use sensitive data with certain actions without prompting the user.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Productos afectados
Apple · iOS and iPadOSApple · macOSApple · watchOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/fulldisclosure/2024/Jul/16http://seclists.org/fulldisclosure/2024/Jul/17http://seclists.org/fulldisclosure/2024/Jul/18http://seclists.org/fulldisclosure/2024/Jul/21https://support.apple.com/en-us/120908https://support.apple.com/en-us/120909https://support.apple.com/en-us/120911https://support.apple.com/en-us/120916https://support.apple.com/en-us/HT214116https://support.apple.com/en-us/HT214117https://support.apple.com/en-us/HT214119https://support.apple.com/en-us/HT214124