Search for vulnerabilities
Vulnerability details: VCID-52b9-fhjp-aaan
Vulnerability ID VCID-52b9-fhjp-aaan
Aliases CVE-2024-23206
Summary An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23206.json
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00118 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00118 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0035 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0035 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0035 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0035 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0035 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0035 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.0038 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00391 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00391 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00391 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00516 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.00516 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.01915 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
epss 0.02696 https://api.first.org/data/v1/epss?cve=CVE-2024-23206
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2024/Jan/27
ssvc Track http://seclists.org/fulldisclosure/2024/Jan/27
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2024/Jan/33
ssvc Track http://seclists.org/fulldisclosure/2024/Jan/33
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2024/Jan/34
ssvc Track http://seclists.org/fulldisclosure/2024/Jan/34
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2024/Jan/36
ssvc Track http://seclists.org/fulldisclosure/2024/Jan/36
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2024/Jan/39
ssvc Track http://seclists.org/fulldisclosure/2024/Jan/39
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2024/Jan/40
ssvc Track http://seclists.org/fulldisclosure/2024/Jan/40
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2024-23206
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2024-23206
cvssv3.1 6.5 https://support.apple.com/en-us/HT214055
ssvc Track https://support.apple.com/en-us/HT214055
cvssv3.1 6.5 https://support.apple.com/en-us/HT214056
ssvc Track https://support.apple.com/en-us/HT214056
cvssv3.1 6.5 https://support.apple.com/en-us/HT214059
ssvc Track https://support.apple.com/en-us/HT214059
cvssv3.1 6.5 https://support.apple.com/en-us/HT214060
ssvc Track https://support.apple.com/en-us/HT214060
cvssv3.1 6.5 https://support.apple.com/en-us/HT214061
ssvc Track https://support.apple.com/en-us/HT214061
cvssv3.1 6.5 https://support.apple.com/en-us/HT214063
ssvc Track https://support.apple.com/en-us/HT214063
cvssv3.1 6.5 https://support.apple.com/kb/HT214055
ssvc Track https://support.apple.com/kb/HT214055
cvssv3.1 6.5 https://support.apple.com/kb/HT214056
ssvc Track https://support.apple.com/kb/HT214056
cvssv3.1 6.5 https://support.apple.com/kb/HT214059
ssvc Track https://support.apple.com/kb/HT214059
cvssv3.1 6.5 https://support.apple.com/kb/HT214060
ssvc Track https://support.apple.com/kb/HT214060
cvssv3.1 6.5 https://support.apple.com/kb/HT214061
ssvc Track https://support.apple.com/kb/HT214061
cvssv3.1 6.5 https://support.apple.com/kb/HT214063
ssvc Track https://support.apple.com/kb/HT214063
cvssv3.1 6.5 http://www.openwall.com/lists/oss-security/2024/02/05/8
ssvc Track http://www.openwall.com/lists/oss-security/2024/02/05/8
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23206.json
https://api.first.org/data/v1/epss?cve=CVE-2024-23206
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23206
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23213
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23271
http://seclists.org/fulldisclosure/2024/Jan/27
http://seclists.org/fulldisclosure/2024/Jan/33
http://seclists.org/fulldisclosure/2024/Jan/34
http://seclists.org/fulldisclosure/2024/Jan/36
http://seclists.org/fulldisclosure/2024/Jan/39
http://seclists.org/fulldisclosure/2024/Jan/40
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/
https://support.apple.com/en-us/HT214055
https://support.apple.com/en-us/HT214056
https://support.apple.com/en-us/HT214059
https://support.apple.com/en-us/HT214060
https://support.apple.com/en-us/HT214061
https://support.apple.com/en-us/HT214063
https://support.apple.com/kb/HT214055
https://support.apple.com/kb/HT214056
https://support.apple.com/kb/HT214059
https://support.apple.com/kb/HT214060
https://support.apple.com/kb/HT214061
https://support.apple.com/kb/HT214063
http://www.openwall.com/lists/oss-security/2024/02/05/8
2269743 https://bugzilla.redhat.com/show_bug.cgi?id=2269743
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2024-23206 https://nvd.nist.gov/vuln/detail/CVE-2024-23206
GLSA-202407-13 https://security.gentoo.org/glsa/202407-13
RHSA-2024:2126 https://access.redhat.com/errata/RHSA-2024:2126
RHSA-2024:2982 https://access.redhat.com/errata/RHSA-2024:2982
USN-6631-1 https://usn.ubuntu.com/6631-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23206.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Jan/27
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at http://seclists.org/fulldisclosure/2024/Jan/27
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Jan/33
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at http://seclists.org/fulldisclosure/2024/Jan/33
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Jan/34
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at http://seclists.org/fulldisclosure/2024/Jan/34
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Jan/36
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at http://seclists.org/fulldisclosure/2024/Jan/36
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Jan/39
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at http://seclists.org/fulldisclosure/2024/Jan/39
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Jan/40
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at http://seclists.org/fulldisclosure/2024/Jan/40
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-23206
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-23206
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214055
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/en-us/HT214055
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214056
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/en-us/HT214056
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214059
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/en-us/HT214059
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214060
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/en-us/HT214060
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214061
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/en-us/HT214061
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214063
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/en-us/HT214063
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214055
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/kb/HT214055
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214056
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/kb/HT214056
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214059
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/kb/HT214059
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214060
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/kb/HT214060
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214061
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/kb/HT214061
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/kb/HT214063
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at https://support.apple.com/kb/HT214063
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://www.openwall.com/lists/oss-security/2024/02/05/8
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:46:17Z/ Found at http://www.openwall.com/lists/oss-security/2024/02/05/8
Exploit Prediction Scoring System (EPSS)
Percentile 0.42731
EPSS Score 0.00102
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-01-23T11:27:53.096178+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-23206 34.0.0rc2