CVE-2024-44290

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Dec 12, 2024
Updated: Dec 16, 2024

Summary

CVE-2024-44290 is a vulnerability affecting iOS and iPadOS, where an app could potentially determine a user's current location despite improved redaction of sensitive information. This issue has been resolved in iOS 18.1 and iPadOS 18.1, as well as watchOS 11.1. The vulnerability allows unauthorized access to location data, posing a privacy risk for affected users. Users are recommended to update their devices to the latest software versions to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • iOS
  • iPadOS
  • Apple Watch
  • Apple (iPhone OS)
  • WatchOS

Affected Vendors

  • Apple