CVE-2024-44212: Cookies belonging to one origin may be sent to another origin in Apple Safari
CVE-2024-44212 is a medium severity vulnerability in Apple Safari where cookies from one origin may be sent to another origin due to a cookie management issue. This flaw was addressed by Apple through improved state management and is fixed in Safari 18. 1 and related Apple OS versions. The vulnerability does not allow direct confidentiality compromise but can lead to integrity issues by sending cookies to unintended origins. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
This vulnerability involves improper cookie management in Apple Safari, allowing cookies belonging to one origin to be sent to a different origin. The issue was resolved by Apple with improved state management in Safari 18.1, iOS 18.1, iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, and watchOS 11.1. The CVSS 3.1 base score is 5.3, reflecting a medium severity with network attack vector, low attack complexity, no privileges or user interaction required, and an impact limited to integrity. This vulnerability is tracked as CWE-346 (Origin Validation Error).
Potential Impact
Cookies intended for one origin may be sent to another origin, potentially allowing unauthorized modification or misuse of session or authentication data. The impact is limited to integrity, with no direct confidentiality or availability effects reported. No known active exploitation has been observed.
Mitigation Recommendations
Apple has released official fixes in Safari 18.1 and corresponding OS versions (iOS 18.1, iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1). Users and administrators should apply these updates to remediate the vulnerability. Patch status is confirmed as fixed in these versions.
CVE-2024-44212: Cookies belonging to one origin may be sent to another origin in Apple Safari
Description
CVE-2024-44212 is a medium severity vulnerability in Apple Safari where cookies from one origin may be sent to another origin due to a cookie management issue. This flaw was addressed by Apple through improved state management and is fixed in Safari 18. 1 and related Apple OS versions. The vulnerability does not allow direct confidentiality compromise but can lead to integrity issues by sending cookies to unintended origins. No known exploits are reported in the wild at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves improper cookie management in Apple Safari, allowing cookies belonging to one origin to be sent to a different origin. The issue was resolved by Apple with improved state management in Safari 18.1, iOS 18.1, iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, and watchOS 11.1. The CVSS 3.1 base score is 5.3, reflecting a medium severity with network attack vector, low attack complexity, no privileges or user interaction required, and an impact limited to integrity. This vulnerability is tracked as CWE-346 (Origin Validation Error).
Potential Impact
Cookies intended for one origin may be sent to another origin, potentially allowing unauthorized modification or misuse of session or authentication data. The impact is limited to integrity, with no direct confidentiality or availability effects reported. No known active exploitation has been observed.
Mitigation Recommendations
Apple has released official fixes in Safari 18.1 and corresponding OS versions (iOS 18.1, iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1). Users and administrators should apply these updates to remediate the vulnerability. Patch status is confirmed as fixed in these versions.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2024-08-20T21:42:05.944Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69ceb82ce6bfc5ba1df6ea80
Added to database: 4/2/2026, 6:40:44 PM
Last enriched: 4/9/2026, 11:28:04 PM
Last updated: 5/20/2026, 6:45:02 PM
Views: 33
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.