Back

CVE-2024-44204

Oct. 4, 2024, 5:29 p.m.

Analyzed
CVE has been recently published to the CVE List and has been received by the NVD.

Products

iOS

  • 18.0.1

iPadOS

  • 18.0.1

ipados

  • *

iphone_os

  • *

Source

product-security@apple.com

Tags

product-security@apple.com
NVD-CWE-noinfo
2024-10-04
CVE-2024-44204

CVE-2024-44204 details

Published : Oct. 4, 2024, 12:15 a.m.
Last Modified : Oct. 4, 2024, 5:29 p.m.

Description

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver.

CVSS Score

1 2 3 4 5.5 6 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

Base Score

5.5

Exploitability Score

1.8

Impact Score

3.6

Base Severity

MEDIUM

Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

URL Source
https://support.apple.com/en-us/121373 product-security@apple.com

CPEs

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o apple ipados / / / / / / / /
o apple iphone_os / / / / / / / /
This website uses the NVD API, but is not approved or certified by it.