CVE-2024-27810 | THREATINT

Assigner	apple
Reserved	2024-02-26
Published	2024-05-13
Updated	2024-08-02

Description

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to read sensitive location information.

Problem types

An app may be able to read sensitive location information

Product status

Any version before 17.5

affected

Any version before 14.5

affected

Any version before 10.5

affected

Any version before 17.5

affected

References

https://support.apple.com/en-us/HT214101

https://support.apple.com/en-us/HT214106

https://support.apple.com/en-us/HT214104

https://support.apple.com/en-us/HT214102

http://seclists.org/fulldisclosure/2024/May/17

https://support.apple.com/kb/HT214107

http://seclists.org/fulldisclosure/2024/May/10

https://support.apple.com/kb/HT214102

https://support.apple.com/kb/HT214104

https://support.apple.com/kb/HT214105

https://support.apple.com/kb/HT214106

http://seclists.org/fulldisclosure/2024/May/12

http://seclists.org/fulldisclosure/2024/May/16

https://support.apple.com/kb/HT214101

cve.org CVE-2024-27810

nvd.nist.gov CVE-2024-27810

Download JSON