A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authentication.
References
History

Thu, 12 Dec 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
Weaknesses CWE-863
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Vendors & Products Apple ipados

Tue, 29 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipad Os
Apple iphone Os
CPEs cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipad Os
Apple iphone Os
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 28 Oct 2024 21:30:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authentication.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-10-28T21:08:36.026Z

Updated: 2024-10-29T19:45:31.845Z

Reserved: 2024-08-20T21:42:05.944Z

Link: CVE-2024-44217

cve-icon Vulnrichment

Updated: 2024-10-29T19:45:25.727Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-28T22:15:02.960

Modified: 2024-12-12T19:55:20.407

Link: CVE-2024-44217

cve-icon Redhat

No data.