CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-44207

High Severity
Apple
SVRS
48/100
CVSSv3
4.3/10
EPSS
0.00041/1

CVE-2024-44207: Audio messages in Messages on iOS and iPadOS may capture a few seconds of audio before the microphone indicator activates. This vulnerability, now fixed in iOS 18.0.1 and iPadOS 18.0.1, could lead to unintended audio recording. While the CVSS score is 4.3, indicating moderate severity, the SOCRadar Vulnerability Risk Score (SVRS) is 48. Although this is not considered a critical vulnerability based on SOCRadar's scoring, the 'In The Wild' tag suggests that it has been actively exploited. Therefore, organizations should prioritize patching to mitigate the risk of unauthorized audio recording. This poses a risk to user privacy, even if for a short duration, highlighting the need for prompt security updates on Apple devices. It underscores the importance of applying patches promptly to protect against potential exploitation of security vulnerabilities.

TAGS
In The Wild
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:N
UI:R
S:U
C:L
I:N
A:N
PUBLICATION DATE2024-10-04
LAST MODIFIED2025-03-25
Eye Icon
SOCRadar
AI Insight

Description:

CVE-2024-44207 is a vulnerability in Apple's iOS and iPadOS that allows audio messages in Messages to capture a few seconds of audio before the microphone indicator is activated. This could allow an attacker to eavesdrop on conversations without the user's knowledge. The vulnerability has a CVSS score of 4.3 and an SVRS of 48, indicating a moderate level of severity.

Key Insights:

  • Active Exploitation: This vulnerability is actively exploited in the wild, meaning that attackers are using it to target users.
  • Privacy Implications: This vulnerability could allow attackers to eavesdrop on private conversations, posing a significant privacy risk.
  • Limited Mitigation: The only mitigation available for this vulnerability is to update to iOS 18.0.1 or iPadOS 18.0.1.

Mitigation Strategies:

  • Update Software: Install the latest iOS or iPadOS update (18.0.1 or later) to patch the vulnerability.
  • Disable Microphone Access: Disable microphone access for untrusted apps to prevent them from capturing audio without your knowledge.
  • Use Secure Communication Channels: Use encrypted messaging apps or other secure communication channels to protect your conversations from eavesdropping.

Additional Information:

  • The Cybersecurity and Infrastructure Security Agency (CISA) has warned of this vulnerability, calling for immediate and necessary measures.
  • If you have any further questions regarding this incident, you can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-44207 | Apple iOS/iPadOS up to 18.0 Audio Message information disclosure (ID 121373)
vuldb.com2025-03-08
CVE-2024-44207 | Apple iOS/iPadOS up to 18.0 Audio Message information disclosure (ID 121373) | A vulnerability, which was classified as problematic, was found in Apple iOS and iPadOS up to 18.0. This affects an unknown part of the component Audio Message Handler. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-44207. It is possible to initiate the attack
vuldb.com
rss
forum
news
7th October– Threat Intelligence Report
hagarb2024-12-02
7th October– Threat Intelligence Report | For the latest discoveries in cyber research for the week of 7th October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Chinese state-sponsored hackers, dubbed &#8220;Salt Typhoon&#8221;, infiltrated US telecom companies such as Verizon, AT&#38;T, and Lumen Technologies. The attackers gained access to systems used for court-authorized wiretaps, potentially remaining undetected for months [&#8230;] The post 7th October– Threat Intelligence Report appeared first on <a href="https://
checkpoint.com
rss
forum
news
Must Read - Security Affairs
2023-08-27
Must Read - Security Affairs | News Content: VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability is an authenticated SQL injection vulnerability in HCX, it was privately […] Brazil's Polícia Federal arrested the notorious hacker USDoD Brazil’s Polícia Federal has arrested hacker USDoD, the hacker behind the National Public
google.com
rss
forum
news
Must Read - Security Affairs
2023-08-27
Must Read - Security Affairs | News Content: A new Linux variant of FASTCash malware targets financial systems North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the FASTCash “payment switch” malware which targets Linux systems. The variant discovered by the researcher was previously unknown and targets Ubuntu 22.04 LTS distributions. In November 2018, Symantec […] WordPress Jetpack plugin critical flaw impacts 27 million sites WordPress Jetpack plugin issued an update to fix a critical flaw allowing logged-in users to view form submissions
google.com
rss
forum
news
Must Read - Security Affairs
2023-08-27
Must Read - Security Affairs | News Content: Pokemon dev Game Freak discloses data breach Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded on April 26, 1989, by Satoshi Tajiri, Ken Sugimori, and Junichi Masuda. It is primarily known as the main developer of the Pokémon video game series. The […] U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs
google.com
rss
forum
news
Must Read - Security Affairs
2023-08-27
Must Read - Security Affairs | News Content: Nation-state actor exploited three Ivanti CSA zero-days An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation-state actor has been exploiting three Ivanti Cloud Service Appliance (CSA) zero-day issues to carry out malicious activities. The three vulnerabilities exploited by the threat actor are: “an advanced adversary […] Dutch police dismantled dual dark web market 'Bohemia/Cannabia' Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch
google.com
rss
forum
news
Must Read - Security Affairs
2023-08-27
Must Read - Security Affairs | News Content: SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 15 Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000! GorillaBot: The New King of DDoS Attacks Hidden cryptocurrency mining and theft campaign affected over […] Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your
google.com
rss
forum
news

Social Media

@ii_86r @LeminLimez CVE-2024-44207 &amp; CVE-2024-44204
0
0
0
Attention iPhone 16 users: Please view new vulnerability CVE-2024-44207. Sound for audio messages is being captured before the microphone indicator is on. That means I can hear what y’all are REALLY saying about me. Attention Janet: I do NOT “walk like hermit crab with roller
0
0
0
🚨 Apple Releases Critical Patches VoiceOver Password Vulnerability Apple released critical iOS and iPadOS updates to fix two security vulnerabilities. Top 3 takeaways: 🪲 One flaw (CVE-2024-44204) allowed VoiceOver to read saved passwords aloud, while another (CVE-2024-44207) https://t.co/M2pnNNDffj
0
0
0

Affected Software

Configuration 1
TypeVendorProduct
OSAppleiphone_os
OSAppleipados

References

ReferenceLink
[email protected]https://support.apple.com/en-us/121373
[email protected]https://support.apple.com/en-us/121373

CWE Details

No CWE details found for this CVE

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence