CVE-2024-40791

low

Description

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access information about a user's contacts.

References

https://support.apple.com/en-us/121250

https://support.apple.com/en-us/121247

https://support.apple.com/en-us/121246

https://support.apple.com/en-us/121238

https://support.apple.com/en-us/121234

http://seclists.org/fulldisclosure/2024/Sep/41

http://seclists.org/fulldisclosure/2024/Sep/40

http://seclists.org/fulldisclosure/2024/Sep/39

http://seclists.org/fulldisclosure/2024/Sep/33

http://seclists.org/fulldisclosure/2024/Sep/32

Details

Source: Mitre, NVD

Published: 2024-09-17

Updated: 2025-11-04

Risk Information

CVSS v2

Base Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 3.3

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.00038