CVE-2024-40833

5.5 MEDIUM

📋 TL;DR

This CVE describes a logic flaw in Apple's Shortcuts automation feature that allows shortcuts to access sensitive data without user consent. Affected users include anyone running vulnerable versions of macOS, iOS, and iPadOS who uses Shortcuts with data-accessing actions.

💻 Affected Systems

Products:
  • macOS
  • iOS
  • iPadOS
Versions: before macOS Sonoma 14.6, iOS 16.7.9, iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8
Operating Systems: macOS, iOS, iPadOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with Shortcuts enabled; vulnerability is in the permission checking logic for shortcut actions that access sensitive data.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Malicious shortcuts could exfiltrate sensitive user data (contacts, photos, location, credentials) without user knowledge or consent, leading to privacy violations and potential identity theft.

🟠 Likely Case

Shortcuts created by untrusted sources could access and misuse personal data that users expect to be protected by permission prompts.

🟢 If Mitigated

With proper controls, only trusted shortcuts run, limiting exposure to data that shortcuts legitimately need for their intended functions.

🌐 Internet-Facing: LOW - Exploitation requires local shortcut execution, not network exposure.
🏢 Internal Only: MEDIUM - Risk exists when users run untrusted shortcuts, which could be distributed internally via shared files or messages.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to run a malicious shortcut; no public exploit code is known from the references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Sonoma 14.6, iOS 16.7.9, iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8

Vendor Advisory: https://support.apple.com/en-us/HT214116

Restart Required: Yes

Instructions:

1. Go to Settings > General > Software Update on iOS/iPadOS, or System Settings > General > Software Update on macOS.
2. Download and install the latest update.
3. Restart the device when prompted.

🔧 Temporary Workarounds

Disable Shortcuts or restrict usage (applies to: all)

Temporarily disable the Shortcuts app or only run shortcuts from trusted sources to prevent exploitation.

🧯 If You Can't Patch

  • Educate users to only run shortcuts from trusted sources and avoid downloading shortcuts from unknown or untrusted locations.
  • Implement application control policies to restrict execution of untrusted shortcuts in enterprise environments.

🔍 How to Verify

Check if Vulnerable:

Check the OS version: on macOS, go to Apple menu > About This Mac; on iOS/iPadOS, go to Settings > General > About. Compare with patched versions listed in the fix.

Check Version:

On macOS: sw_vers -productVersion; On iOS/iPadOS: Not available via command line, check in Settings.

Verify Fix Applied:

After updating, verify that the OS version matches or exceeds the patched version for its release line (macOS Sonoma 14.6, Ventura 13.6.8 or Monterey 12.7.6 or later; iOS/iPadOS 16.7.9 or later).
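The version comparison above, automated as an added example (not part of the advisory): a POSIX sh script that maps a macOS product version to the patched version of its release line from the fix table and reports patched, vulnerable or unknown. Function names are this example's own; on a Mac it reads sw_vers -productVersion, elsewhere pass the version as the first argument.

```sh
#!/bin/sh
# Added example: check a macOS product version against the CVE-2024-40833
# fix versions listed in the advisory (Sonoma 14.6, Ventura 13.6.8,
# Monterey 12.7.6). Release lines not in the advisory report "unknown".

# version_ge A B: exit 0 if dotted version A >= B, comparing each
# component numerically (so 12.7.10 > 12.7.6; missing components are 0).
version_ge() {
    a="$1." b="$2."
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; a=${a#*.}
        y=${b%%.*}; b=${b#*.}
        if [ "${x:-0}" -gt "${y:-0}" ]; then return 0; fi
        if [ "${x:-0}" -lt "${y:-0}" ]; then return 1; fi
    done
    return 0
}

# Patched version for the release line of the given version, or empty
# when the advisory does not list that line.
cve_2024_40833_threshold() {
    case "$1" in
        14.*) echo 14.6 ;;
        13.*) echo 13.6.8 ;;
        12.*) echo 12.7.6 ;;
        *)    echo "" ;;
    esac
}

# Print patched / vulnerable / unknown; exit status 0 / 1 / 2.
check_cve_2024_40833() {
    t=$(cve_2024_40833_threshold "$1")
    if [ -z "$t" ]; then echo unknown; return 2; fi
    if version_ge "$1" "$t"; then echo patched; return 0; fi
    echo vulnerable; return 1
}

# Stand-alone use: explicit version argument, or the running Mac's version
# (sw_vers exists only on macOS, so nothing runs elsewhere without an argument).
if [ -n "$1" ]; then
    check_cve_2024_40833 "$1"
elif command -v sw_vers >/dev/null 2>&1; then
    check_cve_2024_40833 "$(sw_vers -productVersion)"
fi
```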

📡 Detection & Monitoring

Log Indicators:

  • Unusual shortcut execution logs or permission bypass attempts in system logs, though specific indicators are not detailed in the CVE.

Network Indicators:

  • Potential data exfiltration from shortcut actions, but exploitation is local and may not generate network traffic.

SIEM Query:

Not applicable due to lack of specific log signatures; monitor for OS version compliance instead.
