PT-2025-10623 · Apple · Ipados+3

Ron Masas

Published

2024-09-16

Updated

2025-03-27

CVE-2024-54558

CVSS v2.0

3.2

Low

Vector

AV:L/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18 iPadOS versions prior to 18 macOS Sequoia versions prior to 15

Description A clickjacking issue was addressed with improved out-of-process view handling. This issue may allow an app to trick a user into granting access to photos from the user's photo library.

Recommendations For iOS versions prior to 18, update to iOS 18 or later. For iPadOS versions prior to 18, update to iPadOS 18 or later. For macOS Sequoia versions prior to 15, update to macOS Sequoia 15 or later.

Fix

Clickjacking

UI Misrepresentation of Critical Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1021CWE-451

Related Identifiers

BDU:2025-02518

CVE-2024-54558

Affected Products

Apple Macos

Ios

Ipados

Macos Sequoia

PT-2025-10623 · Apple · Ipados+3

CVE-2024-54558

Weakness Enumeration

Related Identifiers

Affected Products

References · 12