PT-2024-31035 · Apple · Ipados+2

Kenneth Chew

Published

2024-09-16

Updated

2024-12-11

CVE-2024-44202

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18 iPadOS versions prior to 18

Description An authentication issue was addressed with improved state management, allowing Private Browsing tabs to be accessed without authentication. The issue has been exploited publicly.

Recommendations For iOS versions prior to 18, update to iOS 18 to resolve the issue. For iPadOS versions prior to 18, update to iPadOS 18 to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2024-44202

Affected Products

Apple Macos

Ios

Ipados

PT-2024-31035 · Apple · Ipados+2

CVE-2024-44202

Weakness Enumeration

Related Identifiers

Affected Products

References · 11