CVE-2024-23235
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Published Mar 8, 2024
Updated: Dec 20, 2024
CWE ID 362
CWE ID 200
Summary
CVE-2024-23235 is a recently identified race condition vulnerability that has been addressed in multiple Apple operating systems. This issue, if exploited, could allow a malicious app to access user-sensitive data. The affected systems include macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, and tvOS 17.4. Apple has resolved this vulnerability by adding additional validation to prevent such unauthorized access.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share