PT-2024-22081 · Apple · Visionos+5

Published

2024-05-13

Updated

2024-10-07

CVE-2024-27850

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions visionOS versions prior to 1.2 macOS Sonoma versions prior to 14.5 Safari versions prior to 17.5 iOS versions prior to 17.5 iPadOS versions prior to 17.5

Description A maliciously crafted webpage may be able to fingerprint the user due to an issue that was addressed with improvements to the noise injection algorithm.

Recommendations For visionOS versions prior to 1.2, update to visionOS 1.2 to resolve the issue. For macOS Sonoma versions prior to 14.5, update to macOS Sonoma 14.5 to resolve the issue. For Safari versions prior to 17.5, update to Safari 17.5 to resolve the issue. For iOS versions prior to 17.5, update to iOS 17.5 to resolve the issue. For iPadOS versions prior to 17.5, update to iPadOS 17.5 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-359

Related Identifiers

CVE-2024-27850

Affected Products

Apple Macos

Safari

Ios

Ipados

Macos Sonoma

Visionos

PT-2024-22081 · Apple · Visionos+5

CVE-2024-27850

Weakness Enumeration

Related Identifiers

Affected Products

References · 24