CVE-2024-44191

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

his issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. An app may gain unauthorized access to Bluetooth.

References

Link	Resource
https://support.apple.com/en-us/121238	Release Notes Vendor Advisory
https://support.apple.com/en-us/121239	Release Notes Vendor Advisory
https://support.apple.com/en-us/121240	Release Notes Vendor Advisory
https://support.apple.com/en-us/121246	Release Notes Vendor Advisory
https://support.apple.com/en-us/121248	Release Notes Vendor Advisory
https://support.apple.com/en-us/121249	Release Notes Vendor Advisory
https://support.apple.com/en-us/121250	Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2024/Sep/32
http://seclists.org/fulldisclosure/2024/Sep/33
http://seclists.org/fulldisclosure/2024/Sep/36
http://seclists.org/fulldisclosure/2024/Sep/39

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apple:xcode::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

04 Nov 2025, 17:16

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2024/Sep/32 - () http://seclists.org/fulldisclosure/2024/Sep/33 - () http://seclists.org/fulldisclosure/2024/Sep/36 - () http://seclists.org/fulldisclosure/2024/Sep/39 -

25 Sep 2024, 13:24

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Apple ipados Apple xcode Apple macos Apple Apple visionos Apple watchos Apple tvos Apple iphone Os
CWE		NVD-CWE-noinfo
References	~~() https://support.apple.com/en-us/121238 -~~	() https://support.apple.com/en-us/121238 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/121239 -~~	() https://support.apple.com/en-us/121239 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/121240 -~~	() https://support.apple.com/en-us/121240 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/121246 -~~	() https://support.apple.com/en-us/121246 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/121248 -~~	() https://support.apple.com/en-us/121248 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/121249 -~~	() https://support.apple.com/en-us/121249 - Release Notes, Vendor Advisory
References	~~() https://support.apple.com/en-us/121250 -~~	() https://support.apple.com/en-us/121250 - Release Notes, Vendor Advisory
CPE		cpe:2.3:o:apple:macos:::::::: cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:watchos:::::::: cpe:2.3:o:apple:tvos:::::::: cpe:2.3:a:apple:xcode:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:visionos::::::::

20 Sep 2024, 12:31

Type	Values Removed	Values Added
Summary		(es) Este problema se solucionó mediante una mejor gestión del estado. Este problema se solucionó en iOS 17.7 y iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 y iPadOS 18, tvOS 18. Una aplicación puede obtener acceso no autorizado a Bluetooth.

17 Sep 2024, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-17 00:15

Updated : 2025-11-04 17:16

NVD link : CVE-2024-44191

Mitre link : CVE-2024-44191

CVE.ORG link : CVE-2024-44191

JSON object : View

Products Affected

apple

CWE

NVD-CWE-noinfo

5.5 /10