CVE-2024-54492 — Apple IOS AND Ipados vulnerability

7 documents4 sources

Severity

5.9MEDIUMNVD

EPSS

0.2%

top 56.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Ipados Apple Macos +2 more

Timeline

PublishedDec 12

Description

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages8 packages

▶CVEListV5apple/ipados< 17.7.3

▶NVDapple/ipados18.0 — 18.2+1

▶CVEListV5apple/ios_and_ipados< 18.2

▶CVEListV5apple/macos< 15.2

▶NVDapple/macos< 15.2

🔴Vulnerability Details

GHSA

GHSA-jw8x-5w8f-9hrm: This issue was addressed by using HTTPS when sending information over the network↗2024-12-12

▶

CVEList

CVE-2024-54492: This issue was addressed by using HTTPS when sending information over the network↗2024-12-11

▶

📋Vendor Advisories

Apple

CVE-2024-54492: iPadOS17.7.3↗2024-12-11

▶

Apple

CVE-2024-54492: iOS18.2 and iPadOS18.2↗2024-12-11

▶

Apple

CVE-2024-54492: visionOS2.2↗2024-12-11

▶

Apple

CVE-2024-54492: macOS Sequoia 15.2↗2024-12-11

▶