Security features bypass in visionOS - CVE-2024-44262
Published: October 28, 2024
Vulnerability identifier: #VU99431
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-44262
CWE-ID: CWE-254
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Apple Inc.
Affected software:
visionOS
visionOS
Detailed vulnerability description
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to excessive output on the lock screen. An attacker with physical access to the system can view sensitive user information.
How to mitigate CVE-2024-44262
Install updates from vendor's website.