{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-27869","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2024-02-26T15:32:28.541Z","datePublished":"2024-09-16T23:22:20.064Z","dateUpdated":"2026-04-02T18:09:57.708Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app may be able to record the screen without an indicator"}]}],"affected":[{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"0","status":"affected","lessThan":"18","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"15","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record the screen without an indicator."}],"references":[{"url":"https://support.apple.com/en-us/121238"},{"url":"https://support.apple.com/en-us/121250"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:09:57.708Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-22","lang":"en","description":"CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}],"affected":[{"vendor":"apple","product":"macos","cpes":["cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"15","versionType":"custom"}]},{"vendor":"apple","product":"ios_and_ipados","cpes":["cpe:2.3:o:apple:ios_and_ipados:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"18","versionType":"custom"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.5,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-09-17T20:50:33.432687Z","id":"CVE-2024-27869","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-17T20:53:21.065Z"}},{"title":"CVE Program Container","references":[{"url":"http://seclists.org/fulldisclosure/2024/Sep/33"},{"url":"http://seclists.org/fulldisclosure/2024/Sep/32"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-04T16:11:33.803Z"}}]}}