CVE-2024-54541

Published Jan 27, 2025

Last updated 24 days ago

CVSS medium 5.5

Overview

Description: This issue was addressed through improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. An app may be able to access user-sensitive data.
Source: product-security@apple.com
NVD status: Modified
Products: ipados, iphone_os, macos, tvos, visionos, watchos

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-922

Hype score: Not currently trending

CVE-2024-54541 This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18… https://t.co/KS9BcMXbpl
@CVEnew
28 Jan 2025
30 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57",
            "versionEndExcluding": "18.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0",
            "versionEndExcluding": "18.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0E37694D-5783-4112-B372-5915C231512F",
            "versionEndExcluding": "13.7.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "617CA14A-5EA4-4112-A564-DB1A5109A066",
            "versionEndExcluding": "14.7.2",
            "versionStartIncluding": "14.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D",
            "versionEndExcluding": "15.2",
            "versionStartIncluding": "15.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "3B719BB6-424F-4612-8809-0DF25022C29C",
            "versionEndExcluding": "18.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "16F83EAF-2879-4515-BC44-6AE5006D35EE",
            "versionEndExcluding": "2.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3",
            "versionEndExcluding": "11.2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References