CVE-2024-44258
published 2024-10-28CVE-2024-44258: This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS…
high7.1CVSS 3.1
AVLACLPRNUIRSUCNIHAH
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS 2.1. Restoring a maliciously crafted backup file may lead to modification of protected system files.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_17.7.1_and_ipados | — | — |
| apple | ios_18.1_and_ipados | — | — |
| apple | ios_and_ipados | < 17.7.1 | 17.7.1 |
| apple | ios_and_ipados | < 18.1 | 18.1 |
| apple | ipados | < 17.7.1 | 17.7.1 |
| apple | ipados | >= 18.0 < 18.1 | 18.1 |
| apple | iphone_os | < 17.7.1 | 17.7.1 |
| apple | iphone_os | >= 18.0 < 18.1 | 18.1 |
| apple | tvos | < 18.1 | 18.1 |
| apple | tvos18.1 | — | — |
| apple | visionos | < 2.1 | 2.1 |
| apple | visionos2.1 | — | — |
CVSS provenance
nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
vulncheck7.1HIGH