CVE-2024-23251
First published: Mon May 13 2024(Updated: )
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. An attacker with physical access may be able to leak Mail account credentials.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPadOS | <16.7.8 | |
| Apple iPadOS | >=17.0<17.5 | |
| Apple iPhone OS | <16.7.8 | |
| Apple iPhone OS | >=17.0<17.5 | |
| Apple macOS | >=14.0<14.5 | |
| Apple watchOS | <10.5 | |
| <10.5 | 10.5 | |
| <14.5 | 14.5 | |
| <17.5 | 17.5 | |
| <17.5 | 17.5 | |
| Apple iOS | <16.7.8 | 16.7.8 |
| Apple iPadOS | <16.7.8 | 16.7.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT214101 (Advisory)
- https://support.apple.com/en-us/HT214100 (Advisory)
- https://support.apple.com/en-us/HT214106 (Advisory)
- https://support.apple.com/en-us/HT214104 (Advisory)
- https://support.apple.com/kb/HT214100
- https://support.apple.com/kb/HT214101
- https://support.apple.com/kb/HT214104
- https://support.apple.com/kb/HT214106
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2024-27826
- CVE-2024-27804
- CVE-2024-27816
- CVE-2024-27805
- CVE-2024-27832
- CVE-2024-27801
- CVE-2024-27828
- CVE-2024-27840
- CVE-2024-27815
- CVE-2024-27823
- CVE-2024-27811
- CVE-2024-23251
- CVE-2024-23282
- CVE-2024-27810
- CVE-2024-27800
- CVE-2024-27814
- CVE-2024-27821
- CVE-2024-27806
- CVE-2024-27884
- CVE-2024-27834
- CVE-2024-27838
- CVE-2024-27808
- CVE-2024-27851
- CVE-2024-27830
- CVE-2024-27820
- CVE-2024-27837
- CVE-2024-27825
- CVE-2024-27829
- CVE-2024-27841
- CVE-2024-23236
- CVE-2024-27817
- CVE-2024-27831
- CVE-2024-27827
- CVE-2024-27836
- CVE-2024-27799
- CVE-2024-27818
- CVE-2023-42893
- CVE-2024-27802
- CVE-2024-27857
- CVE-2024-27822
- CVE-2024-27824
- CVE-2024-27885
- CVE-2024-27813
- CVE-2024-27844
- CVE-2024-27843
- CVE-2024-27855
- CVE-2024-27798
- CVE-2024-27848
- CVE-2024-27847
- CVE-2024-27842
- CVE-2024-27796
- CVE-2024-27850
- CVE-2024-27839
- CVE-2024-27852
- CVE-2024-27835
- CVE-2024-27845
- CVE-2024-27803
- CVE-2024-27819
- CVE-2024-27807
- CVE-2024-27833
- CVE-2024-27789
- CVE-2024-23296
- agent/type
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/severity
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/weakness
- agent/softwarecombine
- agent/event
- collector/apple-support
- source/Apple
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- vendor/apple
- canonical/apple ipados
- version/apple ipados/17.0
- canonical/apple iphone os
- version/apple iphone os/17.0
- canonical/apple macos
- version/apple macos/14.0
- canonical/apple watchos
- canonical/apple macos sonoma
- canonical/apple ios