Main Vulnerability Database Vulnerabilities #VU101728

Multiple Interpretations of UI Input in Apple iOS and iPadOS - CVE-2024-54503

Published: December 12, 2024

Vulnerability identifier: #VU101728

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-54503

CWE-ID: CWE-450

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Apple Inc.

Affected software:
Apple iOS
iPadOS

Detailed vulnerability description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to an issue with the user interface in Audio component. Muting a call while ringing may not result in mute being enabled, which can lead to information disclosure.

How to mitigate CVE-2024-54503

Install updates from vendor's website.

Sources

https://support.apple.com/en-us/121837

Multiple Interpretations of UI Input in Apple iOS and iPadOS - CVE-2024-54503

Detailed vulnerability description

How to mitigate CVE-2024-54503

Sources

Please verify you're human