CVE-2024-23262
published 2024-03-08CVE-2024-23262: This issue was addressed with additional entitlement checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, visionOS 1.1. An…
low3.3CVSS 3.1
AVLACLPRNUIRSUCNILAN
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, visionOS 1.1. An app may be able to spoof system notifications and UI.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_16.7.6_and_ipados | — | — |
| apple | ios_17.4_and_ipados | — | — |
| apple | ios_and_ipados | < 16.7.6 | 16.7.6 |
| apple | ios_and_ipados | < 17.4 | 17.4 |
| apple | ipados | < 16.7.6 | 16.7.6 |
| apple | ipados | >= 17.0 < 17.4 | 17.4 |
| apple | iphone_os | < 16.7.6 | 16.7.6 |
| apple | iphone_os | >= 17.0 < 17.4 | 17.4 |
| apple | visionos | < 1.1 | 1.1 |
| apple | visionos | — | — |
GHSA
GHSA-g4m8-6xwj-mc45: This issue was addressed with additional entitlement checks
ghsa_unreviewed·2024-03-08
CVE-2024-23262 [LOW] CWE-863 GHSA-g4m8-6xwj-mc45: This issue was addressed with additional entitlement checks
This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to spoof system notifications and UI.
Apple
CVE-2024-23262: visionOS 1.1
vendor_apple·2024-03-07·CVSS 3.3
CVE-2024-23262 [LOW] CVE-2024-23262: visionOS 1.1
Apple Security Update: About the security content of visionOS 1.1
Product: visionOS
Version: 1.1
CVE: CVE-2024-23262
Component: Accessibility
Impact: An app may be able to spoof system notifications and UI
Description: This issue was addressed with additional entitlement checks.
Apple
CVE-2024-23262: iOS 17.4 and iPadOS 17.4
vendor_apple·2024-03-05·CVSS 3.3
CVE-2024-23262 [LOW] CVE-2024-23262: iOS 17.4 and iPadOS 17.4
Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4
Product: iOS 17.4 and iPadOS
Version: 17.4
CVE: CVE-2024-23262
Component: Accessibility
Impact: An app may be able to spoof system notifications and UI
Description: This issue was addressed with additional entitlement checks.
Apple
CVE-2024-23262: iOS 16.7.6 and iPadOS 16.7.6
vendor_apple·2024-03-05·CVSS 3.3
CVE-2024-23262 [LOW] CVE-2024-23262: iOS 16.7.6 and iPadOS 16.7.6
Apple Security Update: About the security content of iOS 16.7.6 and iPadOS 16.7.6
Product: iOS 16.7.6 and iPadOS
Version: 16.7.6
CVE: CVE-2024-23262
Component: Accessibility
Impact: An app may be able to spoof system notifications and UI
Description: This issue was addressed with additional entitlement checks.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.apple.com/en-us/120880https://support.apple.com/en-us/120883https://support.apple.com/en-us/120893http://seclists.org/fulldisclosure/2024/Mar/26https://support.apple.com/en-us/HT214081https://support.apple.com/en-us/HT214082https://support.apple.com/en-us/HT214087https://support.apple.com/kb/HT214081https://support.apple.com/kb/HT214082https://support.apple.com/kb/HT214087
2024-03-08
Published