Apple iOS 18 and iPadOS 18 security vulnerability (CVE-2024-44204)

CVE-2024-44204 is a vulnerability in Appleโ€™s iOS and iPadOS versions prior to 18.0.1, affecting usersโ€™ saved passwords. This vulnerability arises from a logic flaw in VoiceOver, a screen reader feature designed for accessibility, which could potentially allow saved passwords to be read aloud unintentionally. Apple addressed this issue by implementing improved validation checks to restrict unauthorized access to password data via VoiceOver. The vulnerability has a CVSS v3.1 score of 5.5, indicating a medium severity, as it requires local access and user privileges but can compromise confidentiality by exposing sensitive data.

This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1.

Users are advised to update to iOS or iPadOS 18.0.1 or later to secure their devices against this issue, as well as any other fixes included in these updates.

See more details on: