CVE-2024-23219: Medium severity Apple iOS and iPadOS vulnerability

Q: What is the severity of CVE-2024-23219?

CVE-2024-23219 is considered to be a high-severity vulnerability due to its impact on authentication and potential device protection.

Q: How do I fix CVE-2024-23219?

To fix CVE-2024-23219, users should update to iOS 17.3 or iPadOS 17.3, where the issue has been addressed.

Q: What impact does CVE-2024-23219 have on devices?

CVE-2024-23219 can lead to unexpected disabling of Stolen Device Protection, potentially compromising device security.

Q: Which devices are affected by CVE-2024-23219?

CVE-2024-23219 affects devices running iOS and iPadOS versions prior to 17.3.

Q: Is there a specific Apple support article for CVE-2024-23219?

Yes, there is a dedicated support article by Apple that discusses CVE-2024-23219 and its implications.

Published Jan 22, 2024

Updated

Reset Services. The issue was addressed with improved authentication.

Other sources

The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS 17.3. Stolen Device Protection may be unexpectedly disabled.

— MITRE

Credit

Peter Watthey, Christian Scalese

Affected Software

4 affected componentsFixes available

Apple iOS and iPadOS<17.3

17.3

Apple iOS, iPadOS, and macOS<17.3

17.3

Apple iOS, iPadOS, and macOS<17.3

iPhone OS<17.3

Event History

Jan 23, 2024

CVE Published

via MITRE·12:25 AM

Data Sourced

via MITRE·12:25 AM

DescriptionWeakness

Data Sourced

via NVD·01:15 AM

DescriptionSeverityWeaknessAffected Software

Parent advisories

This vulnerability appears in the following advisories.

HT214059

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the severity of CVE-2024-23219?

CVE-2024-23219 is considered to be a high-severity vulnerability due to its impact on authentication and potential device protection.

How do I fix CVE-2024-23219?