{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-40795", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2024-07-10T17:11:04.691Z", "datePublished": "2024-07-29T22:17:11.340Z", "dateUpdated": "2025-03-25T16:30:46.830Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to read sensitive location information"}]}], "affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "17.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "10.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "14.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "17.6", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved data protection. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to read sensitive location information."}], "references": [{"url": "https://support.apple.com/en-us/HT214117"}, {"url": "https://support.apple.com/en-us/HT214124"}, {"url": "https://support.apple.com/en-us/HT214119"}, {"url": "https://support.apple.com/en-us/HT214122"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/16"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/21"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/22"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/18"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-07-29T22:17:11.340Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40795", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-30T14:47:45.665505Z"}}}, {"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-25T16:30:46.830Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:54.657Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214117", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214124", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214119", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214122", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/16", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/21", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/22", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/18", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214117", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214124", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214119", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214122", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/16", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/21", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/22", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/18", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:54.657Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40795", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-30T14:47:45.665505Z"}}}, {"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-30T14:47:54.456Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "17.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "10.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "14.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "17.6", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT214117"}, {"url": "https://support.apple.com/en-us/HT214124"}, {"url": "https://support.apple.com/en-us/HT214119"}, {"url": "https://support.apple.com/en-us/HT214122"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/16"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/21"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/22"}, {"url": "http://seclists.org/fulldisclosure/2024/Jul/18"}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved data protection. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to read sensitive location information."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to read sensitive location information"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-07-29T22:17:11.340Z"}}}, "cveMetadata": {"cveId": "CVE-2024-40795", "state": "PUBLISHED", "dateUpdated": "2025-03-25T16:30:46.830Z", "dateReserved": "2024-07-10T17:11:04.691Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2024-07-29T22:17:11.340Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062", "versionEndExcluding": "17.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352", "versionEndExcluding": "17.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9", "versionEndExcluding": "14.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FB1D28B-EF0E-4CA0-90F7-073A85D001E5", "versionEndExcluding": "17.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "matchCriteriaId": "035D8460-BD6F-4696-9D7B-BA571A994FD0", "versionEndExcluding": "10.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved data protection. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to read sensitive location information."}, {"lang": "es", "value": " Este problema se solucion\u00f3 mejorando la protecci\u00f3n de datos. Este problema se solucion\u00f3 en watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 y iPadOS 17.6, tvOS 17.6. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial de ubicaci\u00f3n."}], "id": "CVE-2024-40795", "lastModified": "2025-03-25T17:15:59.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-29T23:15:12.477", "references": [{"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jul/16"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jul/18"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jul/21"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jul/22"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214117"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214119"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214122"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214124"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jul/16"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jul/18"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jul/21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jul/22"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214117"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214119"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214122"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214124"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}