← Back

CVE-2024-27852

nvd nist
Published: May 14, 2024Modified: Apr 2, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

A privacy issue was addressed with improved client ID handling for alternative app marketplaces. This issue is fixed in iOS 17.5 and iPadOS 17.5. A maliciously crafted webpage may be able to distribute a script that tracks users on other webpages.

Affected (2)

Products: Apple: Ipados, Iphone Os
Apple
2 products
Ipados
Iphone Os
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Ipados
Before 17.5
Iphone Os
Before 17.5

References (4)

Source: product-security@apple.com
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.