CVE-2024-23282 | Vulnerability Database | Aqua Security

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A maliciously crafted email may be able to initiate FaceTime calls without user authorization.

Affected Software

Name	Vendor	Start Version	End Version
Ipados	Apple	*	16.7.8 (excluding)
Ipados	Apple	17.0 (including)	17.5 (excluding)
Iphone_os	Apple	*	16.7.8 (excluding)
Iphone_os	Apple	17.0 (including)	17.5 (excluding)
Macos	Apple	14.0 (including)	14.5 (excluding)
Watchos	Apple	*	10.5 (excluding)

References

https://support.apple.com/en-us/HT214100
https://support.apple.com/en-us/HT214101
https://support.apple.com/en-us/HT214104
https://support.apple.com/en-us/HT214106
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214101
https://support.apple.com/kb/HT214104
https://support.apple.com/kb/HT214106
https://support.apple.com/en-us/HT214100
https://support.apple.com/en-us/HT214101
https://support.apple.com/en-us/HT214104
https://support.apple.com/en-us/HT214106
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214101
https://support.apple.com/kb/HT214104
https://support.apple.com/kb/HT214106

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-23282
CWE	https://cwe.mitre.org/data/definitions/.html