CVE-2024-27807 — Apple IOS AND Ipados vulnerability

4 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.1%

top 71.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Ipados Apple Iphone OS +2 more

Timeline

PublishedJun 10

Description

The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5. An app may be able to circumvent App Privacy Report logging.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages5 packages

▶NVDapple/ipados17.0 — 17.5+1

▶CVEListV5apple/ios_and_ipados< 16.7.8+1

▶Appleapple/ios_17.5_and_ipados17.5

▶Appleapple/ios_16.7.8_and_ipados16.7.8

▶NVDapple/iphone_os17.0 — 17.5+1

🔴Vulnerability Details

GHSA

GHSA-p82c-6c84-fq36: The issue was addressed with improved checks↗2024-06-10

▶

📋Vendor Advisories

Apple

CVE-2024-27807: iOS 17.5 and iPadOS 17.5↗2024-05-13

▶

Apple

CVE-2024-27807: iOS 16.7.8 and iPadOS 16.7.8↗2024-05-13

▶