CVE-2024-44255

Oct. 29, 2024, 2:34 p.m.

Product(s) Impacted

iOS

  • 18.1

iPadOS

  • 18.1

macOS Ventura

  • 13.7.1

macOS Sonoma

  • 14.7.1

watchOS

  • 11.1

visionOS

  • 2.1

tvOS

  • 18.1

Description

A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent.

Weaknesses

Date

Published: Oct. 28, 2024, 9:15 p.m.

Last Modified: Oct. 29, 2024, 2:34 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@apple.com

References

https://support.apple.com/en-us/121563
product-security@apple.com
https://support.apple.com/en-us/121565
product-security@apple.com
https://support.apple.com/en-us/121566
product-security@apple.com
https://support.apple.com/en-us/121568
product-security@apple.com
https://support.apple.com/en-us/121569
product-security@apple.com
https://support.apple.com/en-us/121570
product-security@apple.com