Audio-based iOS, iPadOS flaws addressed by Apple

Updates have been released by Apple to resolve a pair of audio-based vulnerabilities impacting iOS and iPadOS, The Register reports.

More widespread of the addressed bugs was a logic issue, tracked as CVE-2024-44204, which could prompt Apple's new VoiceOver feature to read credentials saved within the recently unveiled Passwords app. Immediate updates to iOS 18.0.1 and iPadOS 18.0.1 have been urged for iPhone XS and later, iPad seventh generation and later, iPad mini fifth generation and later, iPad Pro 13-inch, iPad Pro 12.9-inch third generation and later, iPad Pro 11-inch first generation and later, and iPad Air third generation and later. On the other hand, only iPhone 16 is impacted by the other fixed issue, tracked as CVE-2024-44207, which involves the inaccurate depiction of audio collected from audio messages sent through iMessage. No severity scores have been issued for both bugs likely due to the National Vulnerability Database's persistent backlogs.