Vulnerability Description
An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2. Private Browsing tabs may be accessed without authentication.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Safari | < 18.2 |
| Apple | Ipados | < 18.2 |
| Apple | Iphone Os | < 18.2 |
| Apple | Macos | < 15.2 |
| Apple | Watchos | < 11.2 |
Related Weaknesses (CWE)
References
- https://support.apple.com/en-us/121837Release NotesVendor Advisory
- https://support.apple.com/en-us/121839Release NotesVendor Advisory
- https://support.apple.com/en-us/121843Release NotesVendor Advisory
- https://support.apple.com/en-us/121846Release NotesVendor Advisory
FAQ
What is CVE-2024-54542?
CVE-2024-54542 is a vulnerability with a CVSS score of 9.1 (CRITICAL). An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2. Private Browsing tabs may be acces...
How severe is CVE-2024-54542?
CVE-2024-54542 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-54542?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari, Apple Ipados, Apple Iphone Os, Apple Macos, Apple Watchos.