{"vulnerability": "CVE-2024-23204", "sightings": [{"uuid": "0b76b373-8cda-47d6-9ac6-72fc2184dbf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "Telegram/Btoh96LXBVWIkiO2TwFg3iTwn5cTJZTgRg-SQujUs7RZuQ", "content": "", "creation_timestamp": "2024-02-23T13:55:19.000000Z"}, {"uuid": "c797ed54-d970-4292-911c-5a2a1111319b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "Telegram/Q9b_RVcnMK5CThYvEe3nTQqSa2W_pkoYCNDaeJ36J-fozQ", "content": "", "creation_timestamp": "2024-02-23T10:26:02.000000Z"}, {"uuid": "5d6aaad7-14dc-4184-94bc-6a9ca354d2fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "https://t.me/KomunitiSiber/1537", "content": "Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability\nhttps://thehackernews.com/2024/02/researchers-detail-apples-recent-zero.html\n\nDetails have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent.\nThe vulnerability, tracked as\u00a0CVE-2024-23204\u00a0(CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of\u00a0iOS 17.3, iPadOS 17.3,\u00a0macOS Sonoma 14.3, and\u00a0", "creation_timestamp": "2024-02-23T07:22:52.000000Z"}, {"uuid": "18df526c-a987-4018-96bf-187375b9148c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "https://t.me/ctinow/171629", "content": "https://ift.tt/xBbDUk2\nCVE-2024-23204", "creation_timestamp": "2024-01-23T02:31:45.000000Z"}, {"uuid": "314e9b9e-205b-41b6-9f36-9ec005ae5bfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "https://t.me/thehackernews/4591", "content": "Researchers uncovered details of a major vulnerability (CVE-2024-23204) in the Apple Shortcuts app that could have exposed sensitive user data without consent on older iOS, iPadOS, macOS, and watchOS devices. \n \nLearn more: https://thehackernews.com/2024/02/researchers-detail-apples-recent-zero.html", "creation_timestamp": "2024-02-23T06:11:16.000000Z"}, {"uuid": "2cc59197-37dd-400c-a267-5a563e36bef1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "https://t.me/ctinow/186411", "content": "https://ift.tt/Oi6g1kh\nCVE-2024-23204 | Apple macOS Shortcut permission", "creation_timestamp": "2024-02-16T14:51:46.000000Z"}, {"uuid": "dde69fec-ebb6-445b-a784-a18c947d173a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "https://t.me/ctinow/186401", "content": "https://ift.tt/2NJrIH6\nCVE-2024-23204 | Apple watchOS Shortcut permission", "creation_timestamp": "2024-02-16T14:21:57.000000Z"}, {"uuid": "6625007b-5a93-4f78-8e47-9ec356a9cc9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "https://t.me/ctinow/186400", "content": "https://ift.tt/Gbvh2kj\nCVE-2024-23204 | Apple iOS/iPadOS Shortcut permission", "creation_timestamp": "2024-02-16T14:21:56.000000Z"}, {"uuid": "5515b668-3ca5-461f-8ccd-b2d8482c4fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23204", "type": "seen", "source": "https://t.me/CyberSachok/1696", "content": "\u041e\u0431 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 iOS \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Bitdefender. \u0411\u0430\u0433 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0431\u044b\u0441\u0442\u0440\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 Apple Shortcuts \u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 Apple, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0435\u0433\u0443\u043b\u0438\u0440\u0443\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. \n\nCVE-2024-23204 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043c\u0430\u043d\u0443\u0442\u044c TCC(Transparency, Consent, and Control), \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0447\u0435\u043c\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u043d\u0430 \u044d\u0442\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043d\u0435 \u0434\u0430\u0432\u0430\u043b. \n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044e ExpandURL, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043e\u0448\u043b\u0438 TCC \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 base64 \u0444\u043e\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0438 \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0441\u0430\u0439\u0442.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0444\u043e\u0442\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043c\u043e\u0436\u043d\u043e \u043a \u0444\u0430\u0439\u043b\u0430\u043c, \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u0430\u043c \u0438 \u0434\u0430\u043d\u043d\u044b\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u043e\u0431\u043c\u0435\u043d\u0430. \n\n\u0421\u0430\u043c\u0430\u044f \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e Apple \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c Shortcuts \u0438 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043e\u0431\u043c\u0435\u043d \u0438\u043c\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0442\u044c \u043e\u0442 \u0440\u0443\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 Shortcuts, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u043f\u0435\u0440\u0435\u0434 CVE-2024-23204, \u043c\u043e\u0436\u0435\u0442 \u043d\u0435\u043c\u0430\u043b\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \n\n@cybersachok", "creation_timestamp": "2024-02-29T21:19:54.000000Z"}]}