CVE-2024-40791: An app may be able to access information about a user's contacts in Apple macOS
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access information about a user's contacts.
AI Analysis
Technical Summary
CVE-2024-40791 is a privacy-related vulnerability identified in Apple’s macOS and iOS operating systems. The root cause stems from inadequate redaction of private data in system log entries, which can allow a locally running app with limited privileges to access information about a user's contacts. This is classified under CWE-532, which relates to exposure of sensitive information through logs. The vulnerability affects multiple Apple OS versions, including macOS Ventura 13.7, Sonoma 14.7, Sequoia 15, and iOS/iPadOS 17.7 and 18. The CVSS v3.1 base score is 3.3, reflecting low severity due to the requirement for local access (AV:L), low attack complexity (AC:L), and the need for privileges (PR:L) but no user interaction (UI:N). The impact is limited to confidentiality, with no effect on integrity or availability. Apple has addressed this issue by improving private data redaction in log entries, preventing unauthorized apps from extracting contact information. There are no known exploits in the wild, and the vulnerability does not appear to be actively targeted. The fix is included in the latest OS updates, and users are advised to upgrade to these versions to mitigate the risk.
Potential Impact
For European organizations, the primary impact of CVE-2024-40791 is the potential unauthorized disclosure of user contact information, which could lead to privacy violations and data protection compliance issues under regulations such as GDPR. Although the vulnerability requires local access and privileges, insider threats or compromised endpoints could exploit this to harvest contact data. This could facilitate social engineering, phishing campaigns, or unauthorized profiling. The low severity and lack of known exploits reduce immediate risk, but organizations with sensitive contact databases or those in regulated sectors should consider this a privacy concern. The impact on operational continuity or system integrity is negligible. However, failure to patch could result in reputational damage and regulatory penalties if contact data is exposed.
Mitigation Recommendations
European organizations should ensure all Apple devices are updated to the patched OS versions: macOS Ventura 13.7 or later, macOS Sonoma 14.7, macOS Sequoia 15, and iOS/iPadOS 17.7 or 18. Implement strict endpoint security controls to limit local privilege escalation and prevent unauthorized app installations. Use Mobile Device Management (MDM) solutions to enforce update policies and monitor device compliance. Restrict access to sensitive contact information through application permissions and audit logs for unusual access patterns. Educate users about the risks of installing untrusted applications. Regularly review and harden logging configurations to avoid inadvertent exposure of sensitive data. Conduct internal audits to detect any unauthorized access to contact information. Finally, maintain an incident response plan that includes privacy breach scenarios.
Affected Countries
United Kingdom, Germany, France, Netherlands, Sweden, Norway, Denmark, Finland, Ireland, Switzerland
CVE-2024-40791: An app may be able to access information about a user's contacts in Apple macOS
Description
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access information about a user's contacts.
AI-Powered Analysis
Technical Analysis
CVE-2024-40791 is a privacy-related vulnerability identified in Apple’s macOS and iOS operating systems. The root cause stems from inadequate redaction of private data in system log entries, which can allow a locally running app with limited privileges to access information about a user's contacts. This is classified under CWE-532, which relates to exposure of sensitive information through logs. The vulnerability affects multiple Apple OS versions, including macOS Ventura 13.7, Sonoma 14.7, Sequoia 15, and iOS/iPadOS 17.7 and 18. The CVSS v3.1 base score is 3.3, reflecting low severity due to the requirement for local access (AV:L), low attack complexity (AC:L), and the need for privileges (PR:L) but no user interaction (UI:N). The impact is limited to confidentiality, with no effect on integrity or availability. Apple has addressed this issue by improving private data redaction in log entries, preventing unauthorized apps from extracting contact information. There are no known exploits in the wild, and the vulnerability does not appear to be actively targeted. The fix is included in the latest OS updates, and users are advised to upgrade to these versions to mitigate the risk.
Potential Impact
For European organizations, the primary impact of CVE-2024-40791 is the potential unauthorized disclosure of user contact information, which could lead to privacy violations and data protection compliance issues under regulations such as GDPR. Although the vulnerability requires local access and privileges, insider threats or compromised endpoints could exploit this to harvest contact data. This could facilitate social engineering, phishing campaigns, or unauthorized profiling. The low severity and lack of known exploits reduce immediate risk, but organizations with sensitive contact databases or those in regulated sectors should consider this a privacy concern. The impact on operational continuity or system integrity is negligible. However, failure to patch could result in reputational damage and regulatory penalties if contact data is exposed.
Mitigation Recommendations
European organizations should ensure all Apple devices are updated to the patched OS versions: macOS Ventura 13.7 or later, macOS Sonoma 14.7, macOS Sequoia 15, and iOS/iPadOS 17.7 or 18. Implement strict endpoint security controls to limit local privilege escalation and prevent unauthorized app installations. Use Mobile Device Management (MDM) solutions to enforce update policies and monitor device compliance. Restrict access to sensitive contact information through application permissions and audit logs for unusual access patterns. Educate users about the risks of installing untrusted applications. Regularly review and harden logging configurations to avoid inadvertent exposure of sensitive data. Conduct internal audits to detect any unauthorized access to contact information. Finally, maintain an incident response plan that includes privacy breach scenarios.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2024-07-10T17:11:04.689Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 690a2df0f0ba78a0505373ed
Added to database: 11/4/2025, 4:46:40 PM
Last enriched: 11/4/2025, 5:19:10 PM
Last updated: 11/5/2025, 2:06:16 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-12497: CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') in averta Premium Portfolio Features for Phlox theme
HighCVE-2025-11745: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in spacetime Ad Inserter – Ad Manager & AdSense Ads
MediumCVE-2025-58337: CWE-284 Improper Access Control in Apache Software Foundation Apache Doris-MCP-Server
UnknownCVE-2025-12469: CWE-862 Missing Authorization in amans2k FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce
MediumCVE-2025-12468: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in amans2k FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.