This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. An attacker may be able to misuse a trust relationship to download malicious content.
History

Tue, 29 Oct 2024 23:00:00 +0000

Type Values Removed Values Added
Description This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker may be able to misuse a trust relationship to download malicious content. This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. An attacker may be able to misuse a trust relationship to download malicious content.
References

Tue, 29 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios
Apple ipados
Apple visionos
CPEs cpe:2.3:o:apple:ios:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ios
Apple ipados
Apple visionos
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 28 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Description This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker may be able to misuse a trust relationship to download malicious content.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-10-28T21:07:39.566Z

Updated: 2024-11-01T03:55:41.455Z

Reserved: 2024-08-20T21:45:40.786Z

Link: CVE-2024-44259

cve-icon Vulnrichment

Updated: 2024-10-29T19:54:33.882Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2024-10-28T21:15:07.160

Modified: 2024-10-29T23:15:03.663

Link: CVE-2024-44259

cve-icon Redhat

No data.