CVE-2024-27845
Description
A privacy issue in iOS and iPadOS allows an app to access Notes attachments; fixed in versions 17.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A privacy issue in iOS and iPadOS allows an app to access Notes attachments; fixed in versions 17.5.
Overview
A privacy vulnerability in iOS and iPadOS, identified as CVE-2024-27845, allows an app to access Notes attachments. The issue was addressed through improved handling of temporary files, and is fixed in iOS 17.5 and iPadOS 17.5 [1][2][3].
Exploitation
No additional exploitation details are publicly disclosed; however, the attack surface requires a malicious app to be installed on the device, potentially allowing it to read attachments stored within the Notes app.
Impact
An attacker who successfully exploits this vulnerability could gain unauthorized access to sensitive information contained in Notes attachments, such as personal data or confidential documents.
Mitigation
Apple has patched this issue in iOS 17.5 and iPadOS 17.5. Users are advised to update their devices to the latest software to mitigate the risk [1][2][3].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*range: <17.5
- (no CPE)range: < 17.5
- Range: < 17.5
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- support.apple.com/en-us/HT214101nvdVendor Advisory
- support.apple.com/kb/HT214101nvdVendor Advisory
- support.apple.com/en-us/120905nvd
News mentions
0No linked articles in our index yet.