Security News > 2024 > February > Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability
2024-02-23 05:05
Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and
News URL
https://thehackernews.com/2024/02/researchers-detail-apples-recent-zero.html
Related news
- Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover (source)
- Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724) (source)
- Hardware-level Apple Silicon vulnerability can leak cryptographic keys (source)
- New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys (source)
- New GoFetch Vulnerability in Apple’s M Chips Allows Secret Keys Leak on Compromised Computers (source)
- Hardware Vulnerability in Apple’s M-Series Chips (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-23 | CVE-2024-23204 | Unspecified vulnerability in Apple products The issue was addressed with additional permissions checks. | 7.5 |