PT-2024-19749 · Apple+7 · Visionos+14
James Lee
+1
·
Published
2024-03-07
·
Updated
2024-12-06
·
CVE-2024-23254
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
tvOS versions prior to 17.4
macOS Sonoma versions prior to 14.4
visionOS versions prior to 1.1
iOS versions prior to 17.4
iPadOS versions prior to 17.4
watchOS versions prior to 10.4
Safari versions prior to 17.4
Description
The issue was addressed with improved UI handling. A malicious website may exfiltrate audio data cross-origin.
Recommendations
For tvOS versions prior to 17.4, update to tvOS 17.4 to resolve the issue.
For macOS Sonoma versions prior to 14.4, update to macOS Sonoma 14.4 to resolve the issue.
For visionOS versions prior to 1.1, update to visionOS 1.1 to resolve the issue.
For iOS versions prior to 17.4, update to iOS 17.4 to resolve the issue.
For iPadOS versions prior to 17.4, update to iPadOS 17.4 to resolve the issue.
For watchOS versions prior to 10.4, update to watchOS 10.4 to resolve the issue.
For Safari versions prior to 17.4, update to Safari 17.4 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Centos
Debian
Linuxmint
Apple Macos
Red Hat
Safari
Suse
Ubuntu
Ios
Ipados
Macos Sonoma
Tvos
Visionos
Watchos