CVE-2024-44200

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Dec 12, 2024
Updated: Dec 13, 2024
CWE ID 922

Summary

CVE-2024-44200 is a vulnerability affecting iOS and iPadOS where an app can potentially access sensitive location information due to insufficient redaction. This issue has been resolved in the latest updates, iOS 18.1 and iPadOS 18.1. The vulnerability arose from improper handling of location data, allowing apps to gain unauthorized access to private information. This could pose a significant risk to user privacy, as the affected data may include precise location details. The fix implemented in the updates addresses this concern by strengthening the redaction process for location information.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • iOS
  • iPadOS
  • Apple (iPhone OS)

Affected Vendors

  • Apple