{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-54485","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2024-12-03T22:50:35.496Z","datePublished":"2024-12-11T22:59:06.259Z","dateUpdated":"2026-04-02T18:25:01.020Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An attacker with physical access to an iOS device may be able to view notification content from the lock screen"}]}],"affected":[{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"0","status":"affected","lessThan":"18.2","versionType":"custom"}]},{"vendor":"Apple","product":"iPadOS","versions":[{"version":"0","status":"affected","lessThan":"17.7.3","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"15.2","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The issue was addressed by adding additional logic. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. An attacker with physical access to an iOS device may be able to view notification content from the lock screen."}],"references":[{"url":"https://support.apple.com/en-us/121837"},{"url":"https://support.apple.com/en-us/121838"},{"url":"https://support.apple.com/en-us/121839"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:25:01.020Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-922","lang":"en","description":"CWE-922 Insecure Storage of Sensitive Information"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-12-13T18:34:06.344519Z","id":"CVE-2024-54485","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-13T18:36:25.572Z"}},{"title":"CVE Program Container","references":[{"url":"http://seclists.org/fulldisclosure/2024/Dec/6"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:30:16.825Z"}}]}}