CVE-2024-23228: Infoleak

Q: What is the severity of CVE-2024-23228?

CVE-2024-23228 has been classified as a medium severity vulnerability.

Q: How do I fix CVE-2024-23228?

To fix CVE-2024-23228, update your Apple iOS or iPadOS to version 17.3 or later.

Q: What does CVE-2024-23228 affect?

CVE-2024-23228 affects Apple iOS and iPadOS versions earlier than 17.3.

Q: What is the nature of the vulnerability in CVE-2024-23228?

CVE-2024-23228 involves unintended unlocking of locked Notes content due to poor state management.

Q: When was CVE-2024-23228 addressed?

CVE-2024-23228 was addressed and fixed in iOS 17.3 and iPadOS 17.3.

Published Jan 22, 2024

Updated

Notes. This issue was addressed through improved state management.

Other sources

This issue was addressed through improved state management. This issue is fixed in iOS 17.3 and iPadOS 17.3. Locked Notes content may have been unexpectedly unlocked.

— MITRE

Credit

Harsh Tyagi

Affected Software

4 affected componentsFixes available

Apple iOS and iPadOS<17.3

17.3

Apple iOS, iPadOS, and macOS<17.3

17.3

Apple iOS, iPadOS, and macOS<17.3

iPhone OS<17.3

Event History

Apr 24, 2024

CVE Published

via MITRE·04:43 PM

Data Sourced

via MITRE·04:43 PM

DescriptionWeakness

Data Sourced

via NVD·05:15 PM

DescriptionSeverityWeaknessAffected Software

Parent advisories

This vulnerability appears in the following advisories.

HT214059

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the severity of CVE-2024-23228?

CVE-2024-23228 has been classified as a medium severity vulnerability.

How do I fix CVE-2024-23228?