CVE-2024-54542

Summary

An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2. Private Browsing tabs may be accessed without authentication.

Affected Software

VendorProductVersion RangeStatus
AppleSafari0 < 18.2affected
AppleiOS and iPadOS0 < 18.2affected
ApplemacOS0 < 15.2affected
ApplewatchOS0 < 11.2affected

Weaknesses

  • Private Browsing tabs may be accessed without authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References