A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00023.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Apple Safari affected
Version Status Constraints
0 affected < 17.3
Apple iOS and iPadOS affected
Version Status Constraints
0 affected < 16.7.5
0 affected < 17.3
Apple macOS affected
Version Status Constraints
0 affected < 14.3
Apple watchOS affected
Version Status Constraints
0 affected < 10.3

Configuration 1 [-]

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Apple Subscribe
Ipados Subscribe
Iphone Os Subscribe
Macos Subscribe
Safari Subscribe
Watchos Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://seclists.org/fulldisclosure/2024/Jan/27 cve-icon
http://seclists.org/fulldisclosure/2024/Jan/33 cve-icon
http://seclists.org/fulldisclosure/2024/Jan/34 cve-icon
http://seclists.org/fulldisclosure/2024/Jan/36 cve-icon
http://seclists.org/fulldisclosure/2024/Jan/39 cve-icon
https://support.apple.com/en-us/120304 cve-icon cve-icon
https://support.apple.com/en-us/120306 cve-icon cve-icon
https://support.apple.com/en-us/120309 cve-icon cve-icon
https://support.apple.com/en-us/120310 cve-icon cve-icon
https://support.apple.com/en-us/120339 cve-icon cve-icon
https://support.apple.com/en-us/HT214056 cve-icon
https://support.apple.com/en-us/HT214059 cve-icon
https://support.apple.com/en-us/HT214060 cve-icon
https://support.apple.com/en-us/HT214061 cve-icon
https://support.apple.com/en-us/HT214063 cve-icon
https://support.apple.com/kb/HT214056 cve-icon
https://support.apple.com/kb/HT214061 cve-icon
https://support.apple.com/kb/HT214063 cve-icon
History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings. A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings.
References

Tue, 04 Nov 2025 19:30:00 +0000

Type Values Removed Values Added
References

Fri, 20 Jun 2025 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-359
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:13:24.882Z

Reserved: 2024-01-12T22:22:21.476Z

Link: CVE-2024-23211

cve-icon Vulnrichment

Updated: 2025-11-04T18:24:08.297Z

cve-icon NVD

Status : Modified

Published: 2024-01-23T01:15:11.087

Modified: 2026-04-02T19:16:55.800

Link: CVE-2024-23211

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses