CVE-2024-27821

Exploited in the Wild

NIST CVSS Scores

CVSS v3.1 Base Score: 4.7 (Medium)

AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA CVSS Scores

CVSS v3.1 Base Score: 7.5 (High)

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Operating Systems Impacted

macOS Sonoma (prior to 14.5)
iOS (prior to 17.5)
iPadOS (prior to 17.5)
watchOS (prior to 10.5)

Additional Resources

NVD CVE-2024-27821
macOS Sonoma 14.5
iOS 17.5 and iPadOS 17.5
watchOS 10.5

Description

CVE-2024-27821 is a path handling issue within Apple's Shortcuts app. A flaw in the validation process could allow a shortcut to output sensitive user data without consent. Apple addressed this vulnerability by implementing improved validation mechanisms in macOS Sonoma 14.5, iOS 17.5, iPadOS 17.5, and watchOS 10.5.

Impact

Exploitation of this vulnerability could lead to unauthorized disclosure of sensitive user information. The severity of this issue has been assessed as follows:

Stay up to date

Iru's weekly collection of articles, videos, and research to keep IT & Security teams ahead of the curve.

Description

Impact

CVE-2021-30808

CVE-2023-40424

CVE-2024-27848

Stay up to date