Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-54535


A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders.


Published

2025-01-15T20:15:28.610

Last Modified

2025-01-23T22:15:14.160

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-22
  • Type: Secondary
    CWE-22

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System apple ipados < 18.1 Yes
Operating System apple iphone_os < 18.1 Yes
Operating System apple visionos < 2.1 Yes
Operating System apple watchos < 11.1 Yes

References