CVE-2024-40790

Medium

5.5/10

Summary

The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published Sep 17, 2024

CVE-2024-40790

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS