What is the severity of CVE-2024-44273?

CVE-2024-44273 is considered a serious vulnerability due to its potential to allow malicious apps to access private information.

How do I fix CVE-2024-44273?

To fix CVE-2024-44273, update your device to iOS 18.1, iPadOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1, or visionOS 2.1.

Which devices are affected by CVE-2024-44273?

CVE-2024-44273 affects various Apple devices running older versions of iOS, iPadOS, macOS, watchOS, tvOS, and visionOS.

What type of vulnerability is CVE-2024-44273?

CVE-2024-44273 is a security vulnerability related to improper handling of symbolic links.

What can happen if CVE-2024-44273 is exploited?

If CVE-2024-44273 is exploited, a malicious app may gain access to sensitive private data on the affected device.

Vulnerability/
CVE-2024-44273

medium

5.5

CWE

28/10/2024

9/12/2024

CVE-2024-44273

First published: Mon Oct 28 2024(Updated: )

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, visionOS 2.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to access private information.

Credit: product-security@apple.com

Affected Software	Affected Version	How to fix
	<18.1
	<18.1
	<14.7.1
	<18.1
	<2.1
	<11.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-44273?
CVE-2024-44273 is considered a serious vulnerability due to its potential to allow malicious apps to access private information.
How do I fix CVE-2024-44273?
To fix CVE-2024-44273, update your device to iOS 18.1, iPadOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1, or visionOS 2.1.
Which devices are affected by CVE-2024-44273?
CVE-2024-44273 affects various Apple devices running older versions of iOS, iPadOS, macOS, watchOS, tvOS, and visionOS.
What type of vulnerability is CVE-2024-44273?
CVE-2024-44273 is a security vulnerability related to improper handling of symbolic links.
What can happen if CVE-2024-44273 is exploited?
If CVE-2024-44273 is exploited, a malicious app may gain access to sensitive private data on the affected device.

agent/references
agent/type
agent/description
agent/first-publish-date
agent/author
agent/severity
agent/weakness
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/softwarecombine
agent/event
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/source
vendor/apple
canonical/apple ipados
canonical/apple iphone os
canonical/apple macos
canonical/apple tvos
canonical/apple visionos
canonical/apple watchos

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2024-44273?
CVE-2024-44273 is considered a serious vulnerability due to its potential to allow malicious apps to access private information.
How do I fix CVE-2024-44273?
To fix CVE-2024-44273, update your device to iOS 18.1, iPadOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1, or visionOS 2.1.
Which devices are affected by CVE-2024-44273?
CVE-2024-44273 affects various Apple devices running older versions of iOS, iPadOS, macOS, watchOS, tvOS, and visionOS.
What type of vulnerability is CVE-2024-44273?
CVE-2024-44273 is a security vulnerability related to improper handling of symbolic links.
What can happen if CVE-2024-44273 is exploited?
If CVE-2024-44273 is exploited, a malicious app may gain access to sensitive private data on the affected device.