Medium severity5.5NVD Advisory· Published Oct 28, 2024· Updated Apr 2, 2026

CVE-2024-44194

Description

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An app may be able to access sensitive user data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2024-44194 allows an app to access sensitive user data due to insufficient redaction, fixed in recent Apple OS updates.

Vulnerability

CVE-2024-44194 is an issue in Apple operating systems where sensitive user data may be exposed due to insufficient redaction. The vulnerability exists in iOS, iPadOS, macOS, visionOS, and watchOS, and can be exploited by an app running on the device.

Exploitation

An app with no special privileges may be able to access sensitive user data. No user interaction is required beyond installing or using the app. The attack surface is local, as the app runs on the device.

Impact

Successful exploitation allows an app to access sensitive user information, potentially compromising user privacy. The exact type of data is not specified, but it could include personal or confidential data.

Mitigation

Apple addressed this issue in iOS 18.1, iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, and watchOS 11.1, released on October 28, 2024 [1][2][3][4]. Users are advised to update their devices to the latest versions.

References

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Apple Inc./Ipados2 versions
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*range: <18.1
- (no CPE)range: <18.1
Apple Inc./Iphone Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Range: <18.1
Apple Inc./Visionos
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Range: <2.1
Apple Inc./watchOS
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Range: <11.1
Apple Inc./macOSllm-fuzzy
Range: <15.1
Apple Inc./iOSllm-fuzzy
Range: <18.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/121563nvdRelease NotesVendor Advisory
support.apple.com/en-us/121565nvdRelease NotesVendor Advisory
support.apple.com/en-us/121566nvdRelease NotesVendor Advisory
seclists.org/fulldisclosure/2024/Oct/11nvd
seclists.org/fulldisclosure/2024/Oct/14nvd
seclists.org/fulldisclosure/2024/Oct/16nvd
seclists.org/fulldisclosure/2024/Oct/9nvd
support.apple.com/en-us/121564nvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000