What is the severity of CVE-2024-44147?

CVE-2024-44147 has a moderate severity level that impacts accessibility features and data protection.

How do I fix CVE-2024-44147?

To fix CVE-2024-44147, update your Apple device to iOS or iPadOS version 18 or later.

Which devices are affected by CVE-2024-44147?

CVE-2024-44147 affects devices running Apple iOS and iPadOS versions prior to 18.0.

What type of issues does CVE-2024-44147 address?

CVE-2024-44147 addresses issues related to accessibility, state management, and data protection.

Is there any risk if I do not update my device regarding CVE-2024-44147?

Not updating your device may leave it vulnerable to attacks exploiting the accessibility features addressed in CVE-2024-44147.

Vulnerability/
CVE-2024-44147

high

7.7

CWE

269 362 20 190

16/9/2024

24/1/2025

CVE-2024-44147: Race Condition

First published: Mon Sep 16 2024(Updated: )

Accessibility. This issue was addressed by restricting options offered on a locked device.

Credit: product-security@apple.com Abhay Kailasia @abhay_kailasia Lakshmi Narain College of Technology Bhopal IndiaChloe Surett Jake Derouin Abhay Kailasia @abhay_kailasia Lakshmi Narain College of Technology Bhopal IndiaHolger Fuhrmannek Tuan D. Hoang Snoolie Keffaber @0xilis an anonymous researcher Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Chloe Surett Jake Derouin Abhay Kailasia @abhay_kailasia Lakshmi Narain College of Technology Bhopal IndiaHolger Fuhrmannek Tuan D. Hoang Snoolie Keffaber @0xilis an anonymous researcher Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Jake Derouin Abhay Kailasia @abhay_kailasia Lakshmi Narain College of Technology Bhopal IndiaHolger Fuhrmannek Tuan D. Hoang Snoolie Keffaber @0xilis an anonymous researcher Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Snoolie Keffaber @0xilis an anonymous researcher Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Holger Fuhrmannek Tuan D. Hoang Snoolie Keffaber @0xilis an anonymous researcher Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers an anonymous researcher Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Tuan D. Hoang Snoolie Keffaber @0xilis an anonymous researcher Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Abhay Kailasia @abhay_kailasia Lakshmi Narain College of Technology Bhopal IndiaHolger Fuhrmannek Tuan D. Hoang Snoolie Keffaber @0xilis an anonymous researcher Daniele Antonioli @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers @08Tc3wBB JamfDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Denis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Rodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroRodolphe BRUNETTI @eisw0lf Olivier Levon CVE-2023-5841 Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef ajajfxhj Bistrit Dahal an anonymous researcher Joshua Keller an anonymous researcher Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Kenneth Chew Anamika Adhikari Csaba Fitzl @theevilbit Kandji냥냥 Wojciech Regula SecuRingOm Kothawade Zaprico DigitalOmar A. Alanis the UNTHSC College of PharmacyChi Yuan Chang ZUSO ARTtaikosoup Srijan Poudel Bistrit Dahal K宝 LFY @secsys Smi1e yulige Cristian Dinca (icmd.tech) Rodolphe BRUNETTI @eisw0lf Bohdan Stasiuk @Bohdan_Stasiuk Justin Cohen Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Domien Schepers

Affected Software	Affected Version	How to fix
Apple iPadOS	<18.0
Apple iPhone OS	<18.0
	<18	18
	<18	18

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/121250 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

APPLE-121250

Frequently Asked Questions

What is the severity of CVE-2024-44147?
CVE-2024-44147 has a moderate severity level that impacts accessibility features and data protection.
How do I fix CVE-2024-44147?
To fix CVE-2024-44147, update your Apple device to iOS or iPadOS version 18 or later.
Which devices are affected by CVE-2024-44147?
CVE-2024-44147 affects devices running Apple iOS and iPadOS versions prior to 18.0.
What type of issues does CVE-2024-44147 address?
CVE-2024-44147 addresses issues related to accessibility, state management, and data protection.
Is there any risk if I do not update my device regarding CVE-2024-44147?
Not updating your device may leave it vulnerable to attacks exploiting the accessibility features addressed in CVE-2024-44147.

agent/references
agent/type
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/severity
collector/apple-support
source/Apple
alias/CVE-2024-44183
alias/CVE-2023-5841
alias/CVE-2024-44147
alias/CVE-2024-44167
alias/CVE-2024-44217
alias/CVE-2024-40826
alias/CVE-2024-44155
alias/CVE-2024-44202
alias/CVE-2024-44127
alias/CVE-2024-40863
alias/CVE-2024-44144
alias/CVE-2024-44123
alias/CVE-2024-44145
alias/CVE-2024-40853
alias/CVE-2024-44139
alias/CVE-2024-44180
alias/CVE-2024-44170
alias/CVE-2024-44184
alias/CVE-2024-27879
alias/CVE-2024-40857
alias/CVE-2024-44187
alias/CVE-2024-40856
alias/CVE-2024-44169
alias/CVE-2024-44165
alias/CVE-2024-44191
alias/CVE-2024-44198
alias/CVE-2024-40791
alias/CVE-2024-27876
alias/CVE-2024-27869
alias/CVE-2024-44124
alias/CVE-2024-44131
alias/CVE-2024-40850
alias/CVE-2024-27880
alias/CVE-2024-44176
alias/CVE-2024-44126
alias/CVE-2024-27874
alias/CVE-2024-40852
alias/CVE-2024-44171
alias/CVE-2024-40830
agent/last-modified-date
agent/weakness
agent/source
agent/author
agent/softwarecombine
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/apple
canonical/apple ipados
canonical/apple iphone os
canonical/apple ios

CVE-2024-44147: Race Condition

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Peer vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2024-44147?

How do I fix CVE-2024-44147?

Which devices are affected by CVE-2024-44147?

What type of issues does CVE-2024-44147 address?

Is there any risk if I do not update my device regarding CVE-2024-44147?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-44147?

How do I fix CVE-2024-44147?

Which devices are affected by CVE-2024-44147?

What type of issues does CVE-2024-44147 address?

Is there any risk if I do not update my device regarding CVE-2024-44147?