High severity7.8NVD Advisory· Published Oct 28, 2024· Updated Apr 2, 2026
CVE-2024-44255
CVE-2024-44255
Description
A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A malicious app may be able to run arbitrary shortcuts without user consent.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*range: <13.7.1
- (no CPE)range: <15.1 (Sequoia), <14.7.1 (Sonoma), <13.7.1 (Ventura)
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*range: <18.1
- (no CPE)range: <18.1
- Range: <18.1
Patches
Vulnerability mechanics
References
13- support.apple.com/en-us/121563nvdVendor Advisory
- support.apple.com/en-us/121565nvdVendor Advisory
- support.apple.com/en-us/121566nvdVendor Advisory
- support.apple.com/en-us/121568nvdVendor Advisory
- support.apple.com/en-us/121569nvdVendor Advisory
- support.apple.com/en-us/121570nvdVendor Advisory
- seclists.org/fulldisclosure/2024/Oct/11nvd
- seclists.org/fulldisclosure/2024/Oct/12nvd
- seclists.org/fulldisclosure/2024/Oct/13nvd
- seclists.org/fulldisclosure/2024/Oct/15nvd
- seclists.org/fulldisclosure/2024/Oct/16nvd
- seclists.org/fulldisclosure/2024/Oct/9nvd
- support.apple.com/en-us/121564nvd
News mentions
0No linked articles in our index yet.