National Cyber Warfare Foundation (NCWF)

Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugs


0 user ratings
2024-10-06 23:22:15
milo
Blue Team (CND)
Apple released iOS 18.0.1 update that addressed two vulnerabilities that exposed passwords and audio snippets to attackers. Apple released iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabilities, respectively tracked as CVE-2024-44207 and CVE-2024-44204. The company addressed the vulnerability by improving checks. The flaw was reported by Michael Jimenez and an anonymous researcher. The […


Apple released iOS 18.0.1 update that addressed two vulnerabilities that exposed passwords and audio snippets to attackers.





Apple released iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabilities, respectively tracked as CVE-2024-44207 and CVE-2024-44204.





The company addressed the vulnerability by improving checks. The flaw was reported by Michael Jimenez and an anonymous researcher.





The vulnerability CVE-2024-44207 may allow threat actors to capture short snippets of audio messages in Messages before the microphone indicator is activated. 





The vulnerability CVE-2024-44204 is a logic issue that could potentially enable VoiceOver to read aloud users’ saved passwords. The issue was addressed with improved validation, it was reported by the researcher Bistrit Dahal.





Apple is not aware of attack in the wild exploiting the above vulnerabilities.





Pierluigi Paganini





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





(SecurityAffairs – hacking, iOS)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/169381/mobile-2/apple-ios-18-0-1.html


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Blue Team (CND)



Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.