VYPR
← All advisories
Low severity3.3NVD Advisory· Published Mar 5, 2024· Updated Apr 2, 2026

CVE-2024-23243

CVE-2024-23243

Description

CVE-2024-23243 is a privacy issue in iOS and iPadOS where an app may read sensitive location information from unredacted log entries, fixed in version 17.4.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2024-23243 is a privacy issue in iOS and iPadOS where an app may read sensitive location information from unredacted log entries, fixed in version 17.4.

CVE-2024-23243 is a privacy vulnerability in iOS and iPadOS that stems from inadequate redaction of sensitive location data in system log entries. Apple addressed the issue by improving private data redaction for logs [1].

An app running on an affected device could potentially read sensitive location information from log entries. The attack requires the app to have access to system logs, which may be possible without additional permissions in certain contexts. No user interaction is needed beyond installing a malicious or compromised app [1].

Successful exploitation could allow an app to infer the user's location, violating privacy. The CVSS score of 3.3 reflects the low severity, as the attack requires local access and the information leaked is limited to location data [1].

Apple released iOS 17.4 and iPadOS 17.4 on March 5, 2024, which contain the fix. Users are advised to update their devices to the latest version. The vulnerability affects iPhone XS and later, and various iPad models [1].

References
  1. About the security content of iOS 17.4 and iPadOS 17.4 - Apple Support

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4
  • Apple Inc./Ipados2 versions
    cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*range: <17.4
    • (no CPE)range: <17.4
  • Apple Inc./Iphone OS
    cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <17.4
  • Apple Inc./iOSllm-fuzzy
    Range: <17.4

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.