CVE-2024-27884
Description
This issue was addressed with a new entitlement. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to access user-sensitive data.
CWE
- CWE-200 — CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Affected
- Apple / iOS and iPadOS — v=0 <17.5 [affected]
- Apple / macOS — v=0 <14.5 [affected]
- Apple / tvOS — v=0 <17.5 [affected]
- Apple / visionOS — v=0 <1.2 [affected]
- Apple / watchOS — v=0 <10.5 [affected]
CVSS
- (none)
References
- https://support.apple.com/en-us/120901
- https://support.apple.com/en-us/120902
- https://support.apple.com/en-us/120903
- https://support.apple.com/en-us/120905
- https://support.apple.com/en-us/120906
Source
cvelistV5-main/cves/2024/27xxx/CVE-2024-27884.json