CVE-2024-44131

Vulnerability

A symlink validation issue exists in the file system handling of iOS 18, iPadOS 18, and macOS Sequoia 15. The vulnerability is addressed with improved validation of symlinks, preventing an app from following malicious symlinks to access protected user data. [1][2]

Exploitation

An attacker would need to have an app installed on the device. The app can craft symlinks to bypass normal file system restrictions and access sensitive user data, without requiring additional privileges beyond normal app sandbox restrictions. [1][2]

Impact

Successful exploitation allows an app to access sensitive user data, potentially leaking information such as contacts, messages, or other files protected by system sandbox controls. [1][2]

Mitigation

Apple released fixes in iOS 18 and iPadOS 18 (available for iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd gen and later, iPad Pro 11-inch 1st gen and later, iPad Air 3rd gen and later, iPad 7th gen and later, and iPad mini 5th gen and later) and macOS Sequoia 15 (available for Mac Studio 2022 and later, iMac 2019 and later, Mac Pro 2019 and later, Mac mini 2018 and later, MacBook Air 2018 and later, MacBook Pro 2018 and later, and iMac Pro 2017 and later) on September 16, 2024. No workarounds are documented. [1][2]