CVE-2024-23235

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Mar 8, 2024
Updated: Dec 20, 2024
CWE ID 362
CWE ID 200

Summary

CVE-2024-23235 is a recently identified race condition vulnerability that has been addressed in multiple Apple operating systems. This issue, if exploited, could allow a malicious app to access user-sensitive data. The affected systems include macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, and tvOS 17.4. Apple has resolved this vulnerability by adding additional validation to prevent such unauthorized access.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share