PT-2024-29121 · Apple · Ipados+1

Tianxiao Hou

Published

2024-10-28

Updated

2024-10-29

CVE-2024-40867

CVSS v3.1

9.6

Critical

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.1 iPadOS versions prior to 18.1

Description A custom URL scheme handling issue was addressed with improved input validation. This issue allows a remote attacker to potentially break out of the Web Content sandbox.

Recommendations For iOS versions prior to 18.1, update to iOS 18.1 or later to resolve the issue. For iPadOS versions prior to 18.1, update to iPadOS 18.1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2024-40867

Affected Products

Ios

Ipados

PT-2024-29121 · Apple · Ipados+1

CVE-2024-40867

Related Identifiers

Affected Products

References · 4