This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to spoof system notifications and UI.
References
| Link | Resource |
|---|---|
| http://seclists.org/fulldisclosure/2024/Mar/26 | Mailing List |
| https://support.apple.com/en-us/HT214081 | Vendor Advisory |
| https://support.apple.com/en-us/HT214082 | Vendor Advisory |
| https://support.apple.com/en-us/HT214087 | Vendor Advisory |
| http://seclists.org/fulldisclosure/2024/Mar/26 | Mailing List |
| https://support.apple.com/en-us/HT214081 | Vendor Advisory |
| https://support.apple.com/en-us/HT214082 | Vendor Advisory |
| https://support.apple.com/en-us/HT214087 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Dec 2024, 14:38
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/26 - Mailing List | |
| References | () https://support.apple.com/en-us/HT214081 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214082 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214087 - Vendor Advisory | |
| First Time |
Apple
Apple visionos Apple ipados Apple iphone Os |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
| CPE | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
Information
Published : 2024-03-08 02:15
Updated : 2024-12-09 14:38
NVD link : CVE-2024-23262
Mitre link : CVE-2024-23262
CVE.ORG link : CVE-2024-23262
JSON object : View
Products Affected
apple
- ipados
- iphone_os
- visionos
CWE