What is the severity of CVE-2024-44259?

CVE-2024-44259 is classified as a high severity vulnerability due to its potential impact on user authentication.

How do I fix CVE-2024-44259?

To address CVE-2024-44259, ensure your affected Apple software is updated to the latest versions, which include security patches.

Which Apple products are affected by CVE-2024-44259?

CVE-2024-44259 affects multiple Apple products including visionOS, Safari, macOS Sequoia, iOS, and iPadOS versions below the specified updates.

What type of vulnerability is CVE-2024-44259?

CVE-2024-44259 is categorized as an accessibility vulnerability that involves an issue with authentication.

Who assigned the CVE-ID for CVE-2024-44259?

The CVE-ID for CVE-2024-44259 was assigned by a third-party organization.

Vulnerability/
CVE-2024-44259

high

8.8

CWE

20 416 362

28/10/2024

15/1/2025

CVE-2024-44259: Input Validation

First published: Mon Oct 28 2024(Updated: )

Accessibility. The issue was addressed with improved authentication.

Credit: product-security@apple.com Rizki Maulana (rmrizki.my.id) Matthew Butler Jake Derouin an anonymous researcher Ivan Fratric Google Project ZeroK宝 @Pwnrin pattern-f @pattern_F_ Loadshine LabHikerell Loadshine LabHossein Lotfi @hosselot Trend Micro Zero Day InitiativeWang Yu CyberservalJunsung Lee Trend Micro Zero Day InitiativeJex Amro Ye Zhang @VAR10CK Baidu SecurityZiyi Zhou Jiao Tong University) @Shanghai Tianxiao Hou Jiao Tong University) @Shanghai Mateusz Krzywicki @krzywix Ben Roeder Hichem Maloufi Christian Mina Ismail Amzdak Nimrat Khalsa Davis Dai James Gill @infosec.exchange) @jjtech an anonymous researcher Dawn Security Lab of JDYinyi Wu @_3ndy1 Dawn Security Lab of JDNarendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtPune (India) Lucas Di Tomase Michael DePlante @izobashi Trend Micro Zero Day InitiativeBing Shi Alibaba GroupWenchao Li Alibaba GroupXiaolong Bai Alibaba Group Indiana University BloomingtonLuyi Xing Indiana University BloomingtonKirin @Pwnrin Bistrit Dahal Kenneth Chew Rodolphe Brunetti @eisw0lf Abhay Kailasia @abhay_kailasia Lakshmi Narain College of Technology Bhopal IndiaSrijan Poudel 7feilee Cristian Dinca (icmd.tech) Dalibor Milanovic Richard Hyunho Im with Route Zero Security @richeeta Braylon @softwarescool Wojciech Regula SecuRingQ1IQ @q1iqF P1umer @p1umer CVE-2024-39573 CVE-2024-38477 CVE-2024-38476 Mickey Jin @patch1t Alexandre Bedard Ronny Stiftel Zhongquan Li @Guluisacat Garrett Moon Excited Pixel LLCArsenii Kostromin (0x3c3e) Toomas Römer Jaime Bertran Noah Gregory (wts.dev) Un3xploitable CW Research IncBohdan Stasiuk @Bohdan_Stasiuk CW Research IncPedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t KandjiCsaba Fitzl @theevilbit KandjiRyan Dowd @_rdowd Gergely Kalman @gergely_kalman Csaba Fitzl @theevilbit Halle Winkler Politepix (theoffcuts.org) dw0r! Trend Micro Zero Day InitiativeBohdan Stasiuk @Bohdan_Stasiuk 냥냥 Justin Saboo

Affected Software	Affected Version	How to fix
Apple macOS Sequoia	<15.1	15.1
Apple Mobile Safari	<18.1	18.1
Apple Mobile Safari	<18.1
Apple iOS, iPadOS, and watchOS	<17.7.1
Apple iOS, iPadOS, and watchOS	>=18.0<18.1
iOS	<17.7.1
iOS	>=18.0<18.1
Apple iOS and macOS	>=15.0<15.1
visionOS	<2.1
Apple iOS, iPadOS, and watchOS	<18.1	18.1
Apple iOS, iPadOS, and watchOS	<18.1	18.1
Apple iOS, iPadOS, and watchOS	<17.7.1	17.7.1
Apple iOS, iPadOS, and watchOS	<17.7.1	17.7.1
visionOS	<2.1	2.1

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/121566 (Advisory)
https://support.apple.com/en-us/121567 (Advisory)
https://support.apple.com/en-us/121563 (Advisory)
https://support.apple.com/en-us/121564 (Advisory)
https://support.apple.com/en-us/121571 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2024-39573
CVE-2024-38477
CVE-2024-38476
CVE-2024-44255
CVE-2024-44232
CVE-2024-44233
CVE-2024-44234
CVE-2024-44270
CVE-2024-44280
CVE-2024-44260
CVE-2024-54535
CVE-2024-44298
CVE-2024-44273
CVE-2024-44295
CVE-2024-44240
CVE-2024-44302
CVE-2024-44213
CVE-2024-44289
CVE-2024-44282
CVE-2024-44265
CVE-2024-40854
CVE-2024-44215
CVE-2024-44297
CVE-2024-44216
CVE-2024-44287
CVE-2024-44197
CVE-2024-44299
CVE-2024-44241
CVE-2024-44242
CVE-2024-44285
CVE-2024-44239
CVE-2024-44286
CVE-2024-40849
CVE-2024-44201
CVE-2024-44231
CVE-2024-44223
CVE-2024-44222
CVE-2024-44256
CVE-2024-54471
CVE-2024-44292
CVE-2024-44293
CVE-2024-44247
CVE-2024-44267
CVE-2024-44301
CVE-2024-44275
CVE-2024-44303
CVE-2024-44156
CVE-2024-44159
CVE-2024-44253
CVE-2024-44294
CVE-2024-44196
CVE-2024-40858
CVE-2024-44277
CVE-2024-44195
CVE-2024-44259
CVE-2024-44229
CVE-2024-44219
CVE-2024-44211
CVE-2024-44218
CVE-2024-44248
CVE-2024-54538
CVE-2024-44254
CVE-2024-44269
CVE-2024-44236
CVE-2024-44237
CVE-2024-44279
CVE-2024-44281
CVE-2024-44283
CVE-2024-44284
CVE-2024-44194
CVE-2024-44200
CVE-2024-44278
CVE-2024-44264
CVE-2024-44290
CVE-2024-44296
CVE-2024-44212
CVE-2024-44244
CVE-2024-44257
CVE-2024-44250
CVE-2024-44274
CVE-2024-40867
CVE-2024-44258
CVE-2024-44252
CVE-2024-54470
CVE-2024-40851
CVE-2024-44263
CVE-2024-44251
CVE-2024-44235
CVE-2024-44261
CVE-2024-44155
CVE-2024-44144
CVE-2024-44262

Frequently Asked Questions

What is the severity of CVE-2024-44259?
CVE-2024-44259 is classified as a high severity vulnerability due to its potential impact on user authentication.
How do I fix CVE-2024-44259?
To address CVE-2024-44259, ensure your affected Apple software is updated to the latest versions, which include security patches.
Which Apple products are affected by CVE-2024-44259?
CVE-2024-44259 affects multiple Apple products including visionOS, Safari, macOS Sequoia, iOS, and iPadOS versions below the specified updates.
What type of vulnerability is CVE-2024-44259?
CVE-2024-44259 is categorized as an accessibility vulnerability that involves an issue with authentication.
Who assigned the CVE-ID for CVE-2024-44259?
The CVE-ID for CVE-2024-44259 was assigned by a third-party organization.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/source
agent/description
agent/first-publish-date
agent/event
collector/apple-support
source/Apple
alias/CVE-2024-44297
alias/CVE-2024-44216
alias/CVE-2024-44287
alias/CVE-2024-44197
alias/CVE-2024-44299
alias/CVE-2024-44241
alias/CVE-2024-44242
alias/CVE-2024-44285
alias/CVE-2024-44239
alias/CVE-2024-44286
alias/CVE-2024-40849
alias/CVE-2024-44201
alias/CVE-2024-44231
alias/CVE-2024-44223
alias/CVE-2024-44222
alias/CVE-2024-44256
alias/CVE-2024-54471
alias/CVE-2024-44292
alias/CVE-2024-44293
alias/CVE-2024-44247
alias/CVE-2024-44267
alias/CVE-2024-44301
alias/CVE-2024-44275
alias/CVE-2024-44303
alias/CVE-2024-44156
alias/CVE-2024-44159
alias/CVE-2024-44253
alias/CVE-2024-44294
alias/CVE-2024-44196
alias/CVE-2024-40858
alias/CVE-2024-44277
alias/CVE-2024-44195
alias/CVE-2024-44259
alias/CVE-2024-44229
alias/CVE-2024-44219
alias/CVE-2024-44211
alias/CVE-2024-44218
alias/CVE-2024-44248
alias/CVE-2024-54538
alias/CVE-2024-44254
alias/CVE-2024-44269
alias/CVE-2024-44236
alias/CVE-2024-44237
alias/CVE-2024-44279
alias/CVE-2024-44281
alias/CVE-2024-44283
alias/CVE-2024-44284
alias/CVE-2024-44194
alias/CVE-2024-44200
alias/CVE-2024-44278
alias/CVE-2024-44264
alias/CVE-2024-44290
alias/CVE-2024-44296
alias/CVE-2024-44212
alias/CVE-2024-44244
alias/CVE-2024-44257
alias/CVE-2024-44250
agent/software-canonical-lookup
alias/CVE-2024-44233
alias/CVE-2024-44234
alias/CVE-2024-44270
alias/CVE-2024-44280
alias/CVE-2024-44260
alias/CVE-2024-54535
alias/CVE-2024-44298
alias/CVE-2024-44273
alias/CVE-2024-44295
alias/CVE-2024-44240
alias/CVE-2024-44302
alias/CVE-2024-44213
alias/CVE-2024-44289
alias/CVE-2024-44282
alias/CVE-2024-44265
alias/CVE-2024-40854
alias/CVE-2024-44215
agent/author
alias/CVE-2024-44232
alias/CVE-2024-38477
alias/CVE-2024-38476
alias/CVE-2024-44255
agent/softwarecombine
agent/tags
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
alias/CVE-2024-44258
alias/CVE-2024-44252
alias/CVE-2024-54470
alias/CVE-2024-40851
alias/CVE-2024-44263
alias/CVE-2024-44251
alias/CVE-2024-44235
alias/CVE-2024-44261
alias/CVE-2024-40867
alias/CVE-2024-44155
alias/CVE-2024-44144
alias/CVE-2024-44262
vendor/apple
canonical/apple macos sequoia
canonical/apple mobile safari
canonical/apple ios, ipados, and watchos
version/apple ios, ipados, and watchos/18.0
canonical/ios
version/ios/18.0
canonical/apple ios and macos
version/apple ios and macos/15.0
canonical/visionos