CVE-2024-27850

2024-06-1020:56:45

apple

github.com

cve-2024-27850

noise injection algorithm

visionos

macos sonoma

safari

ios

ipados

fingerprinting vulnerability

AI Score

Confidence

Low

EPSS

0.001

Percentile

22.0%

SSVC

Exploitation

none

Automatable

yes

Technical Impact

total

JSON

This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, Safari 17.5, iOS 17.5 and iPadOS 17.5. A maliciously crafted webpage may be able to fingerprint the user.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:apple:visionos:-:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "visionos",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "1.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "macos",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "14.5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "safari",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:iphone:*"
    ],
    "vendor": "apple",
    "product": "iphone_os",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:*"
    ],
    "vendor": "apple",
    "product": "ipad_os",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]