Medium severity5.5NVD Advisory· Published May 14, 2024· Updated Apr 2, 2026

CVE-2024-27810

Description

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to read sensitive location information.

Affected products

Apple Inc./Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Range: <17.5
Apple Inc./Iphone Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Range: <17.5
Apple Inc./macOS
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Range: >=12.0,<12.7.5
Apple Inc./tvOS
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
Range: <17.5
Apple Inc./watchOS
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Range: <10.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/HT214101nvdVendor Advisory
support.apple.com/en-us/HT214102nvdVendor Advisory
support.apple.com/en-us/HT214104nvdVendor Advisory
support.apple.com/en-us/HT214106nvdVendor Advisory
support.apple.com/kb/HT214101nvdVendor Advisory
support.apple.com/kb/HT214102nvdVendor Advisory
support.apple.com/kb/HT214104nvdVendor Advisory
support.apple.com/kb/HT214105nvdVendor Advisory
support.apple.com/kb/HT214106nvdVendor Advisory
support.apple.com/kb/HT214107nvdVendor Advisory
seclists.org/fulldisclosure/2024/May/10nvdMailing List
seclists.org/fulldisclosure/2024/May/12nvdMailing List
seclists.org/fulldisclosure/2024/May/16nvdMailing List
seclists.org/fulldisclosure/2024/May/17nvdMailing List
support.apple.com/en-us/120899nvd
support.apple.com/en-us/120900nvd
support.apple.com/en-us/120901nvd
support.apple.com/en-us/120902nvd
support.apple.com/en-us/120903nvd
support.apple.com/en-us/120905nvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000