Back to search
CVE-2024-23218
Published: Jan 23, 2024
Modified: Apr 2, 2026
PUBLISHED
Description
A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, tvOS 17.3, watchOS 10.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.
| Vendor | Product | Versions |
|---|---|---|
Apple | iOS and iPadOS | affected 0 - < 16.7.6affected 0 - < 17.3 |
Apple | macOS | affected 0 - < 12.7.4affected 0 - < 13.6.5affected 0 - < 14.3 |
Apple | tvOS | affected 0 - < 17.3 |
Apple | watchOS | affected 0 - < 10.3 |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now