216.73.217.86

CVE-2024-44258

· Published 28/10/2024 21:15 · Modified 06/11/2024 14:35

Labels: CVE-2024-44258 2024-10-28CVE-2024-44258CWE-59[email protected]

Essential information

Published
28/10/2024 21:15
Modified
06/11/2024 14:35
Author
Creator
CVSS
7.1 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CVSS metrics

Description

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files.

NVD status

Status
Modified — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
apple / ipados cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
apple / ipados cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
apple / iphone os cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
apple / iphone os cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
apple / tvos cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
apple / visionos cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

References