CVE-2024-23240

4 documents4 sources
Severity
2.4LOW
EPSS
0.1%
top 72.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple IOS AND IpadosApple Ipad OSApple Iphone OS
Timeline
PublishedMar 8

Description

The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages3 packages

NVDapple/ipad_os< 17.4
CVEListV5apple/ios_and_ipados< 17.4
NVDapple/iphone_os< 17.4

🔴Vulnerability Details

2
CVEList
CVE-2024-23240: The issue was addressed with improved checks2024-03-08
GHSA
GHSA-j333-97w2-3p5r: The issue was addressed with improved checks2024-03-08

📋Vendor Advisories

1
Apple
CVE-2024-23240: iOS 17.4 and iPadOS 17.42024-03-05