CVE-2024-44131

Improper Link Resolution Before File Access ('Link Following') (CWE-59)

Published: Sep 17, 2024 / Updated: 2mo ago

010
CVSS 5.5EPSS 0.04%Medium
CVE info copied to clipboard

Summary

An application may be able to access sensitive user data due to improper validation of symlinks. This vulnerability affects iOS, iPadOS, and macOS operating systems.

Impact

If exploited, this vulnerability could allow a malicious application to gain unauthorized access to sensitive user data, potentially compromising user privacy and confidentiality. The attack requires local access and low privileges, but does not require user interaction. While the confidentiality impact is high, there is no impact on integrity or availability of the system.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

A patch is available. This issue is fixed in iOS 18 and iPadOS 18, and macOS Sequoia 15.

Mitigation

To mitigate this vulnerability, it is recommended to update affected systems to the patched versions: 1. For iOS and iPadOS devices, update to version 18.0 or later. 2. For macOS systems, update to macOS Sequoia (version 15.0) or later. 3. Until patches can be applied, limit the installation of untrusted applications and monitor for any suspicious application behavior. 4. Consider implementing additional access controls to sensitive user data directories.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2024-44131. See article

Sep 16, 2024 at 6:59 PM / Apple Support
CVE Assignment

NVD published the first details for CVE-2024-44131

Sep 17, 2024 at 12:15 AM
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Sep 17, 2024 at 12:23 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 9.6%)

Sep 17, 2024 at 10:05 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (610582)

Sep 18, 2024 at 7:53 AM
CVSS

A CVSS base score of 5.5 has been assigned.

Sep 24, 2024 at 7:05 PM / nvd
EPSS

EPSS Score was set to: 0.04% (Percentile: 9.7%)

Oct 13, 2024 at 6:25 PM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (380763)

Oct 23, 2024 at 7:53 AM
CVSS

A CVSS base score of 5.5 has been assigned.

Oct 28, 2024 at 9:33 PM / nvd
Static CVE Timeline Graph

Affected Systems

Apple/ipados
+null more

Patches

Apple
+null more

Links to Mitre Att&cks

T1547.009: Shortcut Modification
+null more

Attack Patterns

CAPEC-132: Symlink Attack
+null more

Vendor Advisory

About the security content of macOS Sequoia 15
Impact: An app may be able to access user-sensitive data Impact: An app may be able to access sensitive user data

References

About the security content of macOS Sequoia 15
Impact: An app may be able to access user-sensitive data Impact: An app may be able to access sensitive user data
About the security content of iOS 18 and iPadOS 18
Description: A file access issue was addressed with improved input validation. Impact: An attacker may be able to see recent photos without authentication in Assistive Access

News

Vulnerabilities in Apple products alert
CERT-In has recently issued Advisory CIAD-2024-0046, highlighting multiple high-severity vulnerabilities in Apple products. According to the advisory, these vulnerabilities pose serious threats, enabling attackers to access sensitive data, execute arbitrary code, bypass security protocols, and cause denial-of-service (DoS) conditions.
US-CERT Vulnerability Summary for the Week of September 16, 2024
n/a–n/a An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID. 2024-09-18 not yet calculated CVE-2023-28452 [email protected] [email protected] n/a–n/a Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data. 2024-09-18 not yet calculated CVE-2023-41611 [email protected] Google–Nest Wifi Pro U-Boot environment is read from unauthenticated partition. 2024-09-16 not yet calculated CVE-2024-22013 [email protected] Apple–macOS The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause a denial-of-service. 2024-09-17 not yet calculated CVE-2024-23237 [email protected] n/a–n/a Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection. 2024-09-19 not yet calculated CVE-2024-25673 [email protected] [email protected] [email protected] Apple–macOS A permissions issue was addressed with additional restrictions.
Apple releases iOS 18 over 30 security updates, two critical
CVE-2024-40840 (CVSS score 4.6) : An attacker with physical access may use Siri to access sensitive user data CVE-2024-44171 (CVSS score 8.1) : An attacker with physical access to a locked device could control nearby devices via accessibility features.
Apple Security Advisory 09-16-2024-1
Apple Security Advisory 09-16-2024-1 - iOS 18 and iPadOS 18 addresses bypass, cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities.
NA - CVE-2024-44131 - This issue was addressed with improved...
This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.
See 15 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:None
Availability Impact:None

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI