CVE-2024-40791

low

Description

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to access information about a user's contacts.

References

https://support.apple.com/en-us/121250

https://support.apple.com/en-us/121247

https://support.apple.com/en-us/121246

https://support.apple.com/en-us/121238

https://support.apple.com/en-us/121234

http://seclists.org/fulldisclosure/2024/Sep/41

http://seclists.org/fulldisclosure/2024/Sep/40

http://seclists.org/fulldisclosure/2024/Sep/39

http://seclists.org/fulldisclosure/2024/Sep/33

http://seclists.org/fulldisclosure/2024/Sep/32

Details

Source: Mitre, NVD

Published: 2024-09-17

Updated: 2026-04-02

Risk Information

CVSS v2

Base Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 3.3

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.00038