CVE-2024-44200

Published: Dec 12, 2024Modified: Apr 2, 2026

3.3

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An app may be able to read sensitive location information.

Affected (2)

Products: Apple: Ipados, Iphone Os

Apple

2 products

Ipados

Iphone Os

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 18.1
Apple Iphone Os	Before 18.1

Related CWEs

CWE-922

Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References (2)

https://support.apple.com/en-us/121563

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/121564

Source: product-security@apple.com

Timeline

No history available yet.