CVE-2024-44309

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 20, 2024

Updated: Nov 29, 2024

CWE ID 79

Summary

CVE-2024-44309 is a recently disclosed cookie management issue affecting multiple Apple platforms, including Safari, iOS, iPadOS, macOS, and visionOS. This vulnerability, now patched in various updates, involves improved state management. Maliciously crafted web content can exploit this issue, potentially leading to a cross-site scripting attack. Apple acknowledges that the issue may have been actively exploited on Intel-based Mac systems prior to the release of the patches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/x7kJ4g
https://www.cve.org/CVERecord?id=CVE-2024-44309
https://nvd.nist.gov/vuln/detail/CVE-2024-44309

Back to Vulnerability Database

CVE-2024-44309

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations