CVE-2024-23203

Description

The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.

References

https://support.apple.com/kb/HT214085

https://support.apple.com/kb/HT214082

https://support.apple.com/en-us/HT214061

https://support.apple.com/en-us/HT214059

http://seclists.org/fulldisclosure/2024/Mar/22

http://seclists.org/fulldisclosure/2024/Jan/36

http://seclists.org/fulldisclosure/2024/Jan/33

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3