CVE-2024-40790 โ€” Apple Visionos vulnerability

4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 79.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Visionos
Timeline
PublishedSep 17

Description

The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

โ–ถCVEListV5apple/visionos< 2
โ–ถNVDapple/visionos< 2.0

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-5xr9-xvfc-h2q4: The issue was addressed with improved handling of cachesโ†—2024-09-17
โ–ถ
CVEList
CVE-2024-40790: The issue was addressed with improved handling of cachesโ†—2024-09-16
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Apple
CVE-2024-40790: visionOS2โ†—2024-09-16
โ–ถ
CVE-2024-40790 โ€” Apple Visionos vulnerability | cvebase