CVE-2024-40798 - Vulnerability Details

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to read Safari's browsing history.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Apple	Ipados Iphone Os Macos

Configuration 1 [-]

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::

No data.

References

Link	Providers
http://seclists.org/fulldisclosure/2024/Jul/17
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/19
http://seclists.org/fulldisclosure/2024/Jul/20
https://support.apple.com/en-us/HT214116
https://support.apple.com/en-us/HT214118
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214120
https://support.apple.com/kb/HT214116
https://support.apple.com/kb/HT214118
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214120

History

Tue, 04 Nov 2025 18:30:00 +0000

Type	Values Removed	Values Added
References		https://support.apple.com/kb/HT214116 https://support.apple.com/kb/HT214118 https://support.apple.com/kb/HT214119 https://support.apple.com/kb/HT214120

Thu, 13 Mar 2025 21:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-200
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 23 Aug 2024 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple ipados Apple iphone Os Apple macos
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:macos::::::::
Vendors & Products		Apple Apple ipados Apple iphone Os Apple macos
Metrics		cvssV3_1 `{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-07-29T22:17:25.199Z

Updated: 2025-11-04T17:24:26.595Z

Reserved: 2024-07-10T17:11:04.691Z

Link: CVE-2024-40798

Vulnrichment

Updated: 2025-11-04T17:24:26.595Z

NVD

Status : Modified

Published: 2024-07-29T23:15:12.600

Modified: 2025-11-04T18:16:36.003

Link: CVE-2024-40798

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object