CVERadar

CVE-2024-44131

High Severity
Apple
SVRS: 61/100
CVSSv3: 5.5/10
EPSS: 0.0014/1

CVE-2024-44131 allows an app to potentially access sensitive user data due to a symlink validation issue. Fixed in iOS 18, iPadOS 18, and macOS Sequoia 15, this vulnerability allows unauthorized data access. The SVRS score of 61 indicates a moderate level of risk requiring attention, although not immediate action. While the CVSS score is 5.5, the SVRS considers real-world threat intelligence, suggesting potential exploitability. Successful exploitation could lead to privacy breaches and compromise of user information. Addressing this security flaw is crucial for maintaining the integrity of user data on affected Apple devices. Users should update to the latest versions of iOS, iPadOS, and macOS.

In The Wild
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2024-09-17

2025-03-25
SOCRadar
AI Insight

Description

CVE-2024-44131 is a vulnerability in the iOS, iPadOS, and macOS operating systems that allows an app to access sensitive user data by exploiting improper validation of symbolic links (symlinks). This vulnerability is classified as CWE-59 (Improper Link Resolution Before File Access, 'Link Following') and has an SVRS score of 61, indicating a high-risk vulnerability requiring immediate attention.

Key Insights

  • Data Breaches: This vulnerability poses a significant risk of data breaches. Malicious apps exploiting this flaw can gain unauthorized access to sensitive user data like contacts, photos, messages, and financial information.
  • Wide Impact: The vulnerability affects multiple Apple operating systems, including iOS, iPadOS, and macOS, potentially impacting a large number of users.
  • Active Exploitation: The vulnerability is actively exploited in the wild ("In The Wild" tag), meaning attackers are using it to compromise devices.
  • Patch Availability: The vulnerability was fixed in iOS 18, iPadOS 18, and macOS Sequoia 15, but users who have not yet upgraded remain at risk.

Mitigation Strategies

  • Upgrade to Latest Operating Systems: Immediately update to iOS 18, iPadOS 18, or macOS Sequoia 15 to patch the vulnerability.
  • App Security Review: Scrutinize app permissions and access rights granted to applications. Carefully consider which apps require access to sensitive data and restrict unnecessary permissions.
  • Use Reputable App Stores: Download apps only from trusted sources like the App Store to minimize the risk of installing malicious applications.
  • Enable Security Features: Utilize security features like multi-factor authentication (MFA) and automatic software updates to enhance device protection.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

Researchers Uncover Symlink Flaw That Allows TCC Bypass in iOS and macOS
Görkem Hınçer, 2024-12-17
On December 12, 2024, details were shared about a security vulnerability in Apple’s iOS and macOS operating systems that could lead to unauthorized access to users’ sensitive information and bypass the Transparency, Consent, and Control (TCC) framework. The vulnerability is tracked as CVE-2024-44131 and has a CVSS score of 5.3. Apple has fixed the flaw in iOS 18, iPadOS 18, and macOS Sequoia 15 by improving symlink (symbolic link) validation. Jamf Threat Labs, which discovered the flaw and reported it to Apple, this vulnerability by a malicious application
siberguvenlik.web.tr
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
Ajit Jasrotia, 2024-12-16
This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking in everyday devices, there’s a lot that might have flown under your radar. Attackers are adapting old tricks, uncovering new ones, and targeting systems both large and small. […] The post ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips appeared first on
allhackernews.com
Critical Apple Security Vulnerability CVE-2024-44131 Patched: What You Need to Know
Shruti Jain, 2024-12-12
Jamf Threat Labs has identified a critical flaw in Apple’s Transparency, Consent, and Control (TCC) framework, labeled
blogger.com
Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS
Ajit Jasrotia, 2024-12-12
Details have emerged about a now-patched security vulnerability in Apple’s iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control (TCC) framework and result in unauthorized access to sensitive information. The flaw, tracked as CVE-2024-44131 (CVSS score: 5.3), resides in the FileProvider component, per Apple, and has been addressed with improved […] The post Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and
allhackernews.com
TCC iOS Subsystem Vulnerability Exposes iCloud Data To Attackers
Guru Baran, 2024-12-11
A significant security flaw in Apple’s iOS operating system has been uncovered, allowing malicious applications to access sensitive user data stored in iCloud without any user notification. This vulnerability, identified as CVE-2024-44131, affects the Transparency, Consent, and Control (TCC) subsystem. This subsystem is designed to protect user privacy by prompting for permission when apps attempt […] The post TCC iOS Subsystem Vulnerability Exposes iCloud Data To Attackers
cybersecuritynews.com
Nemesis and ShinyHunters target misconfigured websites in widespread hacking campaign. - The CyberWire
2024-12-09
News Content: Thousands of companies are unaware of the software lurking in the background on their devices. ThreatLocker® is offering free I.T. security health reports to organizations looking to harden their environment and mitigate the risks of shadow I.T., foreign software, nation-state attacks, and unpatched vulnerabilities. Get your free report today and visualize what is occurring within your organization on a single pane of glass. By the CyberWire staff At a glance. Nemesis and ShinyHunters target misconfigured websites. Radiant Capital attributes $50 million cryptocurrency theft to DPRK
google.com
Update your iPhone now to stop your iCloud data from getting stolen
Andrew Orr, 2024-12-10
A now-patched iOS vulnerability could let malicious apps silently steal your iCloud data with no alerts, and no consent. The latest security flaw in iOS
appleinsider.com

Social Media

#StatOfTheDay: The average cost of a data breach hit $4.45M in 2023, highlighting the need for robust cybersecurity. 🛡️ Recent exploits like CVE-2024-44131 show the importance of staying updated. Protect your data! #CyberSecurity #DataBreach #StaySafe

A vulnerability in Apple’s TCC framework has been exposed! The now-patched flaw (CVE-2024-44131) allowed unauthorized apps to access sensitive data, including Health information, microphone, and iCloud backups, without user consent or knowledge.

#ITSecurity Jamf Threat Labs has identified a critical flaw in Apple’s Transparency, Consent, and Control (TCC) framework, labeled CVE-2024-44131.

Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS https://t.co/b7BPgbPAYU A now-patched flaw (CVE-2024-44131) allowed unauthorized apps to access sensitive data like Health info, microphone, and #iCloud backups—without users knowing

Cyber Security News ® iOS TCC Bypass Vulnerability let Attackers Access photos & more From iCloud | Source: https://t.co/2059jmShHC This vulnerability, identified as CVE-2024-44131, affects the Transparency, Consent, and Control (TCC) subsystem. This subsystem is designed to https://t.co/ps4OScEOh0

@The_Cyber_News iOS TCC Bypass Vulnerability lets Attackers Access photos & more From iCloud Source: https://t.co/GoxGWugdvC This vulnerability, identified as CVE-2024-44131, affects the Transparency, Consent, and Control (TCC) subsystem. This subsystem is designed to protect https://t.co/yO8rRwhddI

Cyber Security News ® iOS TCC Bypass Vulnerability lets Attackers Access Photos & more From iCloud | Source: https://t.co/hnEUvEOaXU This vulnerability, identified as CVE-2024-44131, affects the Transparency, Consent, and Control (TCC) subsystem. #cybersecurity #iOS

Apple just fixed a major iOS vulnerability (CVE-2024-44131) that let malicious apps access iCloud data without your consent! 📱💻 Update to iOS 18 or macOS 15 to stay safe. #Technology #Apple https://t.co/3k7kKMKWtH

Affected Software

Configuration 1
Type | Vendor | Product
OS | Apple | ipados
OS | Apple | iphone_os
OS | Apple | macos

References

Reference | Link
[email protected] | https://support.apple.com/en-us/121238
[email protected] | https://support.apple.com/en-us/121250

CWE Details

CWE ID | CWE Name | Description
CWE-59 | Improper Link Resolution Before File Access ('Link Following') | The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
