VYPR
← All advisories
Medium severity5.5NVD Advisory· Published Sep 17, 2024· Updated Apr 2, 2026

CVE-2024-44170

CVE-2024-44170

Description

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. An app may be able to access user-sensitive data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A privacy issue in Apple OSes allows an app to access user-sensitive data; fixed in iOS 18, iPadOS 18, macOS Sequoia 15, watchOS 11.

Vulnerability

Details

CVE-2024-44170 is a privacy issue in Apple operating systems where sensitive user data was stored in a location accessible to applications. The vulnerability was addressed by moving the sensitive data to a more secure location, preventing unauthorized access [1][2].

Exploitation

An app running on an affected device may be able to access user-sensitive data. No special privileges or user interaction beyond installing a malicious app is required. The attack surface is local, meaning any app on the device could potentially exploit this flaw.

Impact

Successful exploitation could lead to the disclosure of sensitive user information, compromising user privacy.

Mitigation

Apple has released security updates for iOS 18, iPadOS 18, macOS Sequoia 15, and watchOS 11 to fix this issue [1][2][3]. Users are advised to update their devices to the latest available versions.

References
  1. About the security content of macOS Sequoia 15 - Apple Support
  2. About the security content of iOS 18 and iPadOS 18 - Apple Support
  3. About the security content of watchOS11 - Apple Support

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7
  • Apple Inc./Ipados2 versions
    cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*range: <18.0
    • (no CPE)range: <18
  • Apple Inc./Iphone Os
    cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <18.0
  • Apple Inc./macOS2 versions
    cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*range: <15.0
    • (no CPE)range: <15
  • Apple Inc./watchOS
    cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
    Range: <11.0
  • Apple Inc./iOSllm-fuzzy
    Range: <18

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.