The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2024/Jan/33 | Third Party Advisory |
http://seclists.org/fulldisclosure/2024/Jan/36 | Third Party Advisory |
http://seclists.org/fulldisclosure/2024/Mar/22 | |
https://support.apple.com/en-us/HT214059 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT214061 | Release Notes Vendor Advisory |
https://support.apple.com/kb/HT214082 | |
https://support.apple.com/kb/HT214085 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apple
Published: 2024-01-23T00:25:33.071Z
Updated: 2024-01-23T00:25:33.071Z
Reserved: 2024-01-12T22:22:21.475Z
Link: CVE-2024-23203
JSON object: View
NVD Information
Status : Modified
Published: 2024-01-23T01:15:10.740
Modified: 2024-03-13T22:15:09.117
Link: CVE-2024-23203
JSON object: View
Redhat Information
No data.
CWE