Login Sign Up

CVE-2024-40812

7.8 HIGH

📋 TL;DR

This vulnerability allows shortcuts on Apple devices to bypass internet permission requirements, potentially enabling unauthorized network access. It affects iOS, iPadOS, macOS, watchOS, and visionOS users who haven't updated to the patched versions.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • macOS
  • watchOS
  • visionOS
Versions: Versions prior to iOS 16.7.9, iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6, iPadOS 17.6, watchOS 10.6, visionOS 1.3, macOS Sonoma 14.6
Operating Systems: iOS, iPadOS, macOS, watchOS, visionOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all devices running vulnerable versions of Apple operating systems with Shortcuts functionality enabled.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Visionos by Apple

View all CVEs affecting Visionos →

Watchos by Apple

View all CVEs affecting Watchos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Malicious shortcuts could exfiltrate sensitive data, perform unauthorized network reconnaissance, or interact with external servers without user consent.

🟠

Likely Case

Shortcuts could access network resources they shouldn't have permission for, potentially leaking device information or performing unwanted network calls.

🟢

If Mitigated

With proper permission controls and network segmentation, impact is limited to potential information disclosure from the affected device.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to run a malicious shortcut, but technical details are not publicly available in the provided references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 16.7.9, iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6, iPadOS 17.6, watchOS 10.6, visionOS 1.3, macOS Sonoma 14.6

Vendor Advisory: https://support.apple.com/en-us/HT214108

Restart Required: Yes

Instructions:

1. Go to Settings > General > Software Update. 2. Download and install the latest available update for your device. 3. Restart your device after installation completes.

🔧 Temporary Workarounds

Disable Shortcuts Internet Access

all

Restrict internet access for Shortcuts app in device settings

Review and Delete Unknown Shortcuts

all

Remove any shortcuts from untrusted sources

🧯 If You Can't Patch

  • Disable Shortcuts functionality entirely if not needed
  • Implement network segmentation to limit potential data exfiltration

🔍 How to Verify

Check if Vulnerable:

Check device version in Settings > General > About > Software Version

Check Version:

Settings > General > About > Software Version (iOS/iPadOS/watchOS/visionOS) or About This Mac > macOS version (macOS)

Verify Fix Applied:

Verify installed version matches or exceeds patched versions listed in affected_systems

📡 Detection & Monitoring

Log Indicators:

  • Unexpected network connections from Shortcuts process
  • Shortcuts accessing network resources without explicit permission

Network Indicators:

  • Outbound connections from Apple devices to unexpected external domains/IPs

SIEM Query:

process_name:"Shortcuts" AND network_destination:* NOT network_destination:apple.com

📊 Metadata

CVE ID: CVE-2024-40812
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-284
Published: July 29, 2024
Last Updated: November 4, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-40812, you might also want to check these:

CVE-2021-34795 10.0

This critical vulnerability in Cisco Catalyst PON Series Switches ONT web management interface allow...

Same vulnerability type (CWE-284)
CVE-2021-40113 10.0

Multiple vulnerabilities in Cisco Catalyst PON Series Switches ONT web management interface allow un...

Same vulnerability type (CWE-284)
CVE-2026-21636 10.0

A critical vulnerability in Node.js v25's experimental permission model allows attacker-controlled i...

Same vulnerability type (CWE-284)