Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0062
Vulnerability from certfr_avis - Published: 2024-01-23 - Updated: 2024-02-01
De multiples vulnérabilités ont été découvertes dans les produits Apple. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et une exécution de code arbitraire à distance.
D'après l'éditeur, la vulnérabilité CVE-2024-23222 est activement exploitée. Apple a également publié des correctifs pour les appareils plus anciens qui ne supportent pas les versions plus récentes d'iOS et iPadOS. Ceux-ci concernent les vulnérabilités CVE-2023-42916 et CVE-2023-42917 qui sont également activement exploitées.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | macOS | macOS Ventura versions antérieures à 13.6.4 | ||
| Apple | N/A | iOS versions 16.x antérieures à 16.7.5 | ||
| Apple | N/A | iPadOS versions 16.x antérieures à 16.7.5 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.3 | ||
| Apple | N/A | iOS versions 17.x antérieures à 17.3 | ||
| Apple | Safari | Safari versions antérieures à 17.3 | ||
| Apple | macOS | macOS Monterey versions antérieures à 12.7.3 | ||
| Apple | N/A | iPadOS versions 17.x antérieures à 17.3 | ||
| Apple | N/A | iOS versions 15.x antérieures à 15.8.1 | ||
| Apple | N/A | iPadOS versions antérieures à 15.8.1 | ||
| Apple | N/A | visionOS versions antérieures à 1.0.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "macOS Ventura versions ant\u00e9rieures \u00e0 13.6.4",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions 16.x ant\u00e9rieures \u00e0 16.7.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions 16.x ant\u00e9rieures \u00e0 16.7.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.3",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions 17.x ant\u00e9rieures \u00e0 17.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 17.3",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Monterey versions ant\u00e9rieures \u00e0 12.7.3",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions 17.x ant\u00e9rieures \u00e0 17.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions 15.x ant\u00e9rieures \u00e0 15.8.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 15.8.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 1.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-23204",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23204"
},
{
"name": "CVE-2024-23208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23208"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42916"
},
{
"name": "CVE-2024-23224",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23224"
},
{
"name": "CVE-2024-23217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23217"
},
{
"name": "CVE-2024-23210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23210"
},
{
"name": "CVE-2023-42935",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42935"
},
{
"name": "CVE-2023-42937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42937"
},
{
"name": "CVE-2023-40528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40528"
},
{
"name": "CVE-2023-42887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42887"
},
{
"name": "CVE-2023-42917",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42917"
},
{
"name": "CVE-2024-23213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23213"
},
{
"name": "CVE-2024-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23219"
},
{
"name": "CVE-2024-23211",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23211"
},
{
"name": "CVE-2024-23222",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23222"
},
{
"name": "CVE-2023-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42915"
},
{
"name": "CVE-2024-23207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23207"
},
{
"name": "CVE-2024-23203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23203"
},
{
"name": "CVE-2024-23206",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23206"
},
{
"name": "CVE-2024-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23218"
},
{
"name": "CVE-2024-23209",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23209"
},
{
"name": "CVE-2024-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23215"
},
{
"name": "CVE-2023-42888",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42888"
},
{
"name": "CVE-2024-23223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23223"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2024-23212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23212"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2024-23214",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23214"
}
],
"initial_release_date": "2024-01-23T00:00:00",
"last_revision_date": "2024-02-01T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0062",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-01-23T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 Apple HT214070.",
"revision_date": "2024-02-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, un\ncontournement de la politique de s\u00e9curit\u00e9 et une ex\u00e9cution de code\narbitraire \u00e0 distance.\n\nD\u0027apr\u00e8s l\u0027\u00e9diteur, la vuln\u00e9rabilit\u00e9 CVE-2024-23222 est activement\nexploit\u00e9e. \u003cspan class=\"mx_EventTile_body\" dir=\"auto\"\u003eApple a \u00e9galement\npubli\u00e9 des correctifs pour les appareils plus anciens qui ne supportent\npas les versions plus r\u00e9centes d\u0027iOS et iPadOS. Ceux-ci concernent les\nvuln\u00e9rabilit\u00e9s CVE-2023-42916 et CVE-2023-42917 qui sont \u00e9galement\nactivement exploit\u00e9es.\u003c/span\u003e\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT214056 du 22 janvier 2024",
"url": "https://support.apple.com/en-us/HT214056"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT214059 du 22 janvier 2024",
"url": "https://support.apple.com/en-us/HT214059"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT214062 du 22 janvier 2024",
"url": "https://support.apple.com/en-us/HT214062"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT214063 du 22 janvier 2024",
"url": "https://support.apple.com/en-us/HT214063"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT214070 du 31 janvier 2024",
"url": "https://support.apple.com/en-us/HT214070"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT214057 du 22 janvier 2024",
"url": "https://support.apple.com/en-us/HT214057"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT214058 du 22 janvier 2024",
"url": "https://support.apple.com/en-us/HT214058"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT214061 du 22 janvier 2024",
"url": "https://support.apple.com/en-us/HT214061"
}
]
}
CVE-2023-42937 (GCVE-0-2023-42937)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2025-11-04 18:17
VLAI
EPSS
Summary
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- An app may be able to access sensitive user data
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
14 references
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | iOS and iPadOS |
Affected:
unspecified , < 17.2
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < 13.6
(custom)
|
|
| Apple | iOS and iPadOS |
Affected:
unspecified , < 16.7
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < 14.2
(custom)
|
|
| Apple | watchOS |
Affected:
unspecified , < 10.2
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < 12.7
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:16.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214035"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214058"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214063"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214036"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214041"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214057"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214036"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214035"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214041"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/34"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/37"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/38"
},
{
"url": "https://support.apple.com/kb/HT214063"
},
{
"url": "https://support.apple.com/kb/HT214058"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-42937",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-23T23:27:46.001828Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:51:26.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to access sensitive user data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-26T17:07:43.045Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/HT214035"
},
{
"url": "https://support.apple.com/en-us/HT214058"
},
{
"url": "https://support.apple.com/en-us/HT214063"
},
{
"url": "https://support.apple.com/en-us/HT214036"
},
{
"url": "https://support.apple.com/en-us/HT214041"
},
{
"url": "https://support.apple.com/en-us/HT214057"
},
{
"url": "https://support.apple.com/kb/HT214036"
},
{
"url": "https://support.apple.com/kb/HT214035"
},
{
"url": "https://support.apple.com/kb/HT214041"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/34"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/37"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/38"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2023-42937",
"datePublished": "2024-01-23T00:25:36.060Z",
"dateReserved": "2023-09-14T19:05:11.471Z",
"dateUpdated": "2025-11-04T18:17:16.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23203 (GCVE-0-2024-23203)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:23
VLAI
EPSS
Summary
The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- A shortcut may be able to use sensitive data with certain actions without prompting the user
- CWE-noinfo Not enough information
Assigner
References
12 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | iOS and iPadOS |
Affected:
0 , < 16.7.6
(custom)
Affected: 0 , < 17.3 (custom) |
|
| Apple | macOS |
Affected:
0 , < 13.6.5
(custom)
Affected: 0 , < 14.3 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:23:50.725Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/33"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214082"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214085"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/22"
},
{
"url": "https://support.apple.com/kb/HT214061"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T17:27:51.704905Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T14:20:22.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7.6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.6.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A shortcut may be able to use sensitive data with certain actions without prompting the user",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:23:51.232Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120304"
},
{
"url": "https://support.apple.com/en-us/120309"
},
{
"url": "https://support.apple.com/en-us/120880"
},
{
"url": "https://support.apple.com/en-us/120886"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23203",
"datePublished": "2024-01-23T00:25:33.071Z",
"dateReserved": "2024-01-12T22:22:21.475Z",
"dateUpdated": "2026-04-02T18:23:51.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23204 (GCVE-0-2024-23204)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:22
VLAI
EPSS
Summary
The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- A shortcut may be able to use sensitive data with certain actions without prompting the user
- CWE-noinfo Not enough information
Assigner
References
18 references
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:23:51.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214060"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/33"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/39"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214082"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214083"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214085"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/22"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/23"
},
{
"url": "https://support.apple.com/kb/HT214061"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23204",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T23:30:58.738287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T14:20:28.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7.6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "13.6.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. A shortcut may be able to use sensitive data with certain actions without prompting the user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A shortcut may be able to use sensitive data with certain actions without prompting the user",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:22:22.659Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120304"
},
{
"url": "https://support.apple.com/en-us/120306"
},
{
"url": "https://support.apple.com/en-us/120309"
},
{
"url": "https://support.apple.com/en-us/120880"
},
{
"url": "https://support.apple.com/en-us/120884"
},
{
"url": "https://support.apple.com/en-us/120886"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23204",
"datePublished": "2024-01-23T00:25:30.276Z",
"dateReserved": "2024-01-12T22:22:21.475Z",
"dateUpdated": "2026-04-02T18:22:22.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23206 (GCVE-0-2024-23206)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:16
VLAI
EPSS
Summary
An access issue was addressed with improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A maliciously crafted webpage may be able to fingerprint the user.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- A maliciously crafted webpage may be able to fingerprint the user
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
27 references
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214063"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214055"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214056"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214060"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214060"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214063"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214055"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214056"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/27"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/33"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/34"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/39"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/40"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/02/05/8"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23206",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-15T14:46:17.452812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T14:51:37.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An access issue was addressed with improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A maliciously crafted webpage may be able to fingerprint the user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A maliciously crafted webpage may be able to fingerprint the user",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:16:20.058Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120304"
},
{
"url": "https://support.apple.com/en-us/120306"
},
{
"url": "https://support.apple.com/en-us/120309"
},
{
"url": "https://support.apple.com/en-us/120310"
},
{
"url": "https://support.apple.com/en-us/120311"
},
{
"url": "https://support.apple.com/en-us/120339"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23206",
"datePublished": "2024-01-23T00:25:22.555Z",
"dateReserved": "2024-01-12T22:22:21.476Z",
"dateUpdated": "2026-04-02T18:16:20.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23207 (GCVE-0-2024-23207)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:13
VLAI
EPSS
Summary
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, watchOS 10.3. An app may be able to access sensitive user data.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- An app may be able to access sensitive user data
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
17 references
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:23:56.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214058"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214060"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214057"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/33"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/37"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/38"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/39"
},
{
"url": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214058"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:28:57.506478Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T15:19:55.343Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "13.6.4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, watchOS 10.3. An app may be able to access sensitive user data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to access sensitive user data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:13:35.731Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120304"
},
{
"url": "https://support.apple.com/en-us/120305"
},
{
"url": "https://support.apple.com/en-us/120306"
},
{
"url": "https://support.apple.com/en-us/120307"
},
{
"url": "https://support.apple.com/en-us/120309"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23207",
"datePublished": "2024-01-23T00:25:21.694Z",
"dateReserved": "2024-01-12T22:22:21.476Z",
"dateUpdated": "2026-04-02T18:13:35.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23208 (GCVE-0-2024-23208)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:20
VLAI
EPSS
Summary
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to execute arbitrary code with kernel privileges.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- An app may be able to execute arbitrary code with kernel privileges
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
14 references
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:23:59.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214055"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214060"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/33"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/39"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/40"
},
{
"url": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214055"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-06T05:00:11.545144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T15:06:13.511Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to execute arbitrary code with kernel privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to execute arbitrary code with kernel privileges",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:20:52.972Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120304"
},
{
"url": "https://support.apple.com/en-us/120306"
},
{
"url": "https://support.apple.com/en-us/120309"
},
{
"url": "https://support.apple.com/en-us/120311"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23208",
"datePublished": "2024-01-23T00:25:28.334Z",
"dateReserved": "2024-01-12T22:22:21.476Z",
"dateUpdated": "2026-04-02T18:20:52.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23209 (GCVE-0-2024-23209)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:19
VLAI
EPSS
Summary
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3. Processing web content may lead to arbitrary code execution.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Processing web content may lead to arbitrary code execution
- CWE-noinfo Not enough information
Assigner
References
4 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:24:00.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"url": "https://support.apple.com/kb/HT214061"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T17:30:58.707609Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T14:20:40.408Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3. Processing web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing web content may lead to arbitrary code execution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:19:15.961Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120309"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23209",
"datePublished": "2024-01-23T00:25:25.374Z",
"dateReserved": "2024-01-12T22:22:21.476Z",
"dateUpdated": "2026-04-02T18:19:15.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23210 (GCVE-0-2024-23210)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:16
VLAI
EPSS
Summary
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to view a user's phone number in system logs.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- An app may be able to view a user's phone number in system logs
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
14 references
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:24:04.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214055"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214060"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/33"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/39"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/40"
},
{
"url": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214055"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T16:32:19.377821Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T15:16:43.288Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to view a user\u0027s phone number in system logs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to view a user\u0027s phone number in system logs",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:16:33.433Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120304"
},
{
"url": "https://support.apple.com/en-us/120306"
},
{
"url": "https://support.apple.com/en-us/120309"
},
{
"url": "https://support.apple.com/en-us/120311"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23210",
"datePublished": "2024-01-23T00:25:23.602Z",
"dateReserved": "2024-01-12T22:22:21.476Z",
"dateUpdated": "2026-04-02T18:16:33.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23211 (GCVE-0-2024-23211)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:13
VLAI
EPSS
Summary
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- A user's private browsing activity may be visible in Settings
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
18 references
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:24:08.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214063"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214056"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214060"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/27"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/33"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/34"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/39"
},
{
"url": "https://support.apple.com/kb/HT214063"
},
{
"url": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214056"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23211",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-23T13:23:02.240179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T19:12:28.382Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user\u0027s private browsing activity may be visible in Settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A user\u0027s private browsing activity may be visible in Settings",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:13:24.882Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120304"
},
{
"url": "https://support.apple.com/en-us/120306"
},
{
"url": "https://support.apple.com/en-us/120309"
},
{
"url": "https://support.apple.com/en-us/120310"
},
{
"url": "https://support.apple.com/en-us/120339"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23211",
"datePublished": "2024-01-23T00:25:20.675Z",
"dateReserved": "2024-01-12T22:22:21.476Z",
"dateUpdated": "2026-04-02T18:13:24.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23212 (GCVE-0-2024-23212)
Vulnerability from cvelistv5 – Published: 2024-01-23 00:25 – Updated: 2026-04-02 18:22
VLAI
EPSS
Summary
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, watchOS 10.3. An app may be able to execute arbitrary code with kernel privileges.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- An app may be able to execute arbitrary code with kernel privileges
- CWE-noinfo Not enough information
Assigner
References
24 references
Impacted products
4 products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:24:11.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214058"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214059"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214063"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214055"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214060"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214061"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT214057"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/33"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/36"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/34"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/37"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/38"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/39"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/40"
},
{
"url": "https://support.apple.com/kb/HT214063"
},
{
"url": "https://support.apple.com/kb/HT214061"
},
{
"url": "https://support.apple.com/kb/HT214058"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23212",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T17:30:55.599318Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T14:20:34.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "13.6.4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "14.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "10.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, watchOS 10.3. An app may be able to execute arbitrary code with kernel privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to execute arbitrary code with kernel privileges",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:22:12.384Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/120304"
},
{
"url": "https://support.apple.com/en-us/120305"
},
{
"url": "https://support.apple.com/en-us/120306"
},
{
"url": "https://support.apple.com/en-us/120307"
},
{
"url": "https://support.apple.com/en-us/120309"
},
{
"url": "https://support.apple.com/en-us/120310"
},
{
"url": "https://support.apple.com/en-us/120311"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2024-23212",
"datePublished": "2024-01-23T00:25:29.242Z",
"dateReserved": "2024-01-12T22:22:21.476Z",
"dateUpdated": "2026-04-02T18:22:12.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…