CVE-2024-40805

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to bypass Privacy preferences.
Configurations

No configuration.

History

21 Nov 2024, 09:31

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2024/Jul/16 - () http://seclists.org/fulldisclosure/2024/Jul/16 -
References () http://seclists.org/fulldisclosure/2024/Jul/18 - () http://seclists.org/fulldisclosure/2024/Jul/18 -
References () http://seclists.org/fulldisclosure/2024/Jul/21 - () http://seclists.org/fulldisclosure/2024/Jul/21 -
References () http://seclists.org/fulldisclosure/2024/Jul/22 - () http://seclists.org/fulldisclosure/2024/Jul/22 -
References () https://support.apple.com/en-us/HT214117 - () https://support.apple.com/en-us/HT214117 -
References () https://support.apple.com/en-us/HT214119 - () https://support.apple.com/en-us/HT214119 -
References () https://support.apple.com/en-us/HT214122 - () https://support.apple.com/en-us/HT214122 -
References () https://support.apple.com/en-us/HT214124 - () https://support.apple.com/en-us/HT214124 -

01 Aug 2024, 13:58

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.7
CWE CWE-281

30 Jul 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) Se solucionó un problema de permisos con restricciones adicionales. Este problema se solucionó en watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 y iPadOS 17.6, tvOS 17.6. Es posible que una aplicación pueda omitir las preferencias de privacidad.

30 Jul 2024, 02:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Jul/18 -

30 Jul 2024, 01:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Jul/16 -
  • () http://seclists.org/fulldisclosure/2024/Jul/21 -
  • () http://seclists.org/fulldisclosure/2024/Jul/22 -

29 Jul 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-29 23:15

Updated : 2024-11-21 09:31


NVD link : CVE-2024-40805

Mitre link : CVE-2024-40805

CVE.ORG link : CVE-2024-40805


JSON object : View

Products Affected

No product.

CWE
CWE-281

Improper Preservation of Permissions