Security features bypass in visionOS - CVE-2024-44262

 

Security features bypass in visionOS - CVE-2024-44262

Published: October 28, 2024


Vulnerability identifier: #VU99431
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-44262
CWE-ID: CWE-254
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Apple Inc.
Affected software:
visionOS

Detailed vulnerability description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to excessive output on the lock screen. An attacker with physical access to the system can view sensitive user information.


How to mitigate CVE-2024-44262

Install updates from vendor's website.

Sources