CVE-2024-27821 | THREATINT

Assigner	apple
Reserved	2024-02-26
Published	2024-05-13
Updated	2024-05-13

Description

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A shortcut may output sensitive user data without consent.

Problem types

A shortcut may output sensitive user data without consent

Product status

Any version before 17.5

affected

Any version before 14.5

affected

Any version before 10.5

affected

References

https://support.apple.com/en-us/HT214101

https://support.apple.com/en-us/HT214106

https://support.apple.com/en-us/HT214104

http://seclists.org/fulldisclosure/2024/May/10

https://support.apple.com/kb/HT214104

https://support.apple.com/kb/HT214106

http://seclists.org/fulldisclosure/2024/May/12

http://seclists.org/fulldisclosure/2024/May/16

https://support.apple.com/kb/HT214101

cve.org CVE-2024-27821

nvd.nist.gov CVE-2024-27821

Download JSON