CVE-2024-54492
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apple | iOS and iPadOS | 0 < 18.2 | affected |
| Apple | iPadOS | 0 < 17.7.3 | affected |
| Apple | macOS | 0 < 15.2 | affected |
| Apple | visionOS | 0 < 2.2 | affected |
Weaknesses
- An attacker in a privileged network position may be able to alter network traffic
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
CVE Program Container
Additional References
- http://seclists.org/fulldisclosure/2024/Dec/12
- http://seclists.org/fulldisclosure/2024/Dec/7
- http://seclists.org/fulldisclosure/2024/Dec/6
References
- https://support.apple.com/en-us/121837
- https://support.apple.com/en-us/121838
- https://support.apple.com/en-us/121839
- https://support.apple.com/en-us/121845
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.