The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 6.5 | Medium | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
| Product | Vendor | Version |
|---|---|---|
| macOS | Apple | 3.9.2S |
| tvOS | Apple | 3.9.0S |
| visionOS | Apple | 5.1.4 |
| tvOS | Apple | 5.1.4.2 |
| Safari | Apple | 5.1.4.1 |
| watchOS | Apple | < 15.9.99.97 |