CVE-2024-40867
CRITICALiPadOS < 18.1 - Web Content Sandbox Escape via URL Scheme Handling
Title source: llmDescription
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox.
References (2)
Core 2
Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/121563
Mailing List
http://seclists.org/fulldisclosure/2024/Oct/9
Scores
CVSS v3
9.6
EPSS
0.0160
EPSS Percentile
81.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
Status
published
Products (3)
Apple/iOS and iPadOS
< 18.1
apple/ipados
< 18.1
apple/iphone_os
< 18.1
Published
Oct 28, 2024
Tracked Since
Feb 18, 2026