- Description
- This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- nvd@nist.gov
- CWE-59
- Hype score
- Not currently trending
【緊急警告】iOSとmacOSに重大脆弱性、個人情報流出のリスクも - Apple最新アップデートで対策を AppleのiOSとmacOSに発見された重大な脆弱性(CVE-2024-44131)について詳説 【緊急警告】iOSとmacOSに重大脆弱性、個人情報流出のリスクも - Apple最新アップデートで対策… https://t.co/2vr3dXycQc
@jp_cb_security
22 Dec 2024
52 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple Security Flaw Alert 🚨 CVE-2024-44131: A now-patched bug in iOS/macOS allowed apps to bypass security & access sensitive data without consent. 🔒 Patched in iOS 18, iPadOS 18 & macOS Sequoia 15. Update now! #CyberSecurity #AppleVulnerability #DataPrivacy https:
@safeyourweb
19 Dec 2024
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A vulnerability in Apple’s TCC framework has been exposed! The now-patched flaw (CVE-2024-44131) allowed unauthorized apps to access sensitive data, including Health information, microphone, and iCloud backups, without user consent or knowledge.
@918intelligence
16 Dec 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Even Apple's TCC hit by CVE-2024-44131, proving no tech is immune to evolving threats. Prioritize digital hygiene - update, scrutinize, and invest! #Cybersecurity #Apple #Vulnerability https://t.co/FDrADyOeu5
@bigwink87
13 Dec 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"Uncovered symlink exploit (CVE-2024-44131) could bypass TCC framework in iOS and macOS, accessing sensitive info. Good news — it's now patched! Stay updated, stay secure. #AppleSecurity #CyberThreat"[shortened link] https://t.co/j4ZacpX9T3
@SalvadorCloud
13 Dec 2024
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple's TCC framework #vulnerability exposed! A now-patched flaw (CVE-2024-44131) allowed unauthorized apps to access sensitive data like Health info, microphone, and #iCloud backups—without users knowing. Learn more: https://t.co/RfvWopYTGY #infosec #cybersecurity
@TheHackersNews
12 Dec 2024
12793 Impressions
62 Retweets
103 Likes
31 Bookmarks
8 Replies
4 Quotes
Cyber Security News ® iOS TCC Bypass Vulnerability let Attackers Access photos & more From iCloud | Source: https://t.co/2059jmShHC This vulnerability, identified as CVE-2024-44131, affects the Transparency, Consent, and Control (TCC) subsystem. This subsystem is designed to
@mcloxyventures
12 Dec 2024
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
Cyber Security News ® iOS TCC Bypass Vulnerability lets Attackers Access Photos & more From iCloud | Source: https://t.co/hnEUvEOaXU This vulnerability, identified as CVE-2024-44131, affects the Transparency, Consent, and Control (TCC) subsystem. #cybersecurity #iOS
@gbhackers_news
12 Dec 2024
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
macOS及びiOSにおけるTCC迂回の脆弱性CVE-2024-44131について。Jamf社報告。Files.app及びシステムプロセスfileproviderdから、シンボリックリンクの検証不備を悪用するもの。権限昇格。最新のOSではパッチ済み。 https://t.co/JktHL1hDFB
@__kokumoto
11 Dec 2024
799 Impressions
4 Retweets
8 Likes
1 Bookmark
0 Replies
0 Quotes
Researcher Details CVE-2024-44131 – A Critical TCC Bypass in macOS and iOS https://t.co/vEMpRG5OPB
@Dinosn
11 Dec 2024
2082 Impressions
12 Retweets
30 Likes
8 Bookmarks
0 Replies
0 Quotes
Critical Apple security flaw (CVE-2024-44131) lets apps access your photos & location data without permission! Update to iOS 18 & macOS 15 ASAP. #AppleSecurity #iOS18 #macOS15 https://t.co/NG5ksBYjjO
@TLDRStories
10 Dec 2024
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple just fixed a major iOS vulnerability (CVE-2024-44131) that let malicious apps access iCloud data without your consent! 📱💻 Update to iOS 18 or macOS 15 to stay safe. #Technology #Apple https://t.co/3k7kKMKWtH
@apple_news_top
10 Dec 2024
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACD3B3B0-329C-413B-BDF7-6B1C6298846E",
"versionEndExcluding": "18.0"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2222A2EE-00FA-4019-8779-13B82A4F9DD0",
"versionEndExcluding": "18.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8017C16-A17E-4AE7-9A0B-1295200A3A45",
"versionEndExcluding": "15.0"
}
],
"operator": "OR"
}
]
}
]