CVE-2024-40812

Published: Jul 29, 2024Modified: Apr 2, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, visionOS 1.3, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements.

Affected (8)

Products: Apple: Ipados, Iphone Os, Macos, Visionos, Watchos

5 products

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 16.7.9
Apple Ipados	From 17.0 to 17.6
Apple Iphone Os	Before 16.7.9
Apple Iphone Os	From 17.0 to 17.6
Apple Macos	Before 12.7.6
Apple Macos	From 14.0 to 14.6
Apple Visionos	Before 1.3
Apple Watchos	Before 10.6

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (28)

https://support.apple.com/en-us/120908

Source: product-security@apple.com

https://support.apple.com/en-us/120909

Source: product-security@apple.com

https://support.apple.com/en-us/120910

Source: product-security@apple.com

https://support.apple.com/en-us/120911

Source: product-security@apple.com

https://support.apple.com/en-us/120912

Source: product-security@apple.com

https://support.apple.com/en-us/120915

Source: product-security@apple.com

https://support.apple.com/en-us/120916

Source: product-security@apple.com

http://seclists.org/fulldisclosure/2024/Jul/16

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2024/Jul/17

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2024/Jul/18

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2024/Jul/19

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2024/Jul/20

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2024/Jul/21

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2024/Jul/23

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://support.apple.com/en-us/HT214116

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214117

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214118

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214119

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214120

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214123

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214124

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/kb/HT214116

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214117

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214118

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214119

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214120

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214123

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214124

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.