PT-2024-3896 · Apple · iPadOS +4
H33Tjubaer +1 · Published 2024-01-22 · Updated 2026-03-05 · CVE-2024-23204
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
macOS Sonoma versions prior to 14.3
watchOS versions prior to 10.3
iOS versions prior to 17.3
iPadOS versions prior to 17.3
Description:
The issue is related to the Apple Shortcuts app, where a shortcut may be able to use sensitive data with certain actions without prompting the user. This is due to errors in handling permissions. The vulnerability could allow attackers to access sensitive information without user consent on older iOS, iPadOS, macOS, and watchOS devices.
Recommendations:
Update to macOS Sonoma 14.3 or later
Update to watchOS 10.3 or later
Update to iOS 17.3 or later
Update to iPadOS 17.3 or later
As a temporary workaround, consider disabling the use of shortcuts that may utilize sensitive data without user consent until a patch is applied.
Avoid opening shortcuts from unknown users and be cautious when clicking on links in applications.
Affected Products
Shortcuts
Apple macOS
iOS
iPadOS
watchOS