CVE-2024-44123

Summary

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. A malicious app with root privileges may be able to access keyboard input and location information without user consent.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOS0 < 18affected
ApplemacOS0 < 15affected

Weaknesses

  • A malicious app with root privileges may be able to access keyboard input and location information without user consent

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References