What is the CVSS score of CVE-2024-54556?

CVE-2024-54556 has a CVSS 3.1 base score of 2.4 (Low). CVSS vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of iOS are affected by CVE-2024-54556?

CVE-2024-54556 is a low-severity vulnerability in This involving access control (CVSS 2.4).

How to fix or mitigate CVE-2024-54556?

During next maintenance window: Apply vendor patches when convenient. Verify access control controls are in place.

iOS CVE-2024-54556

LOW

Improper Access Control (CWE-284)

2026-01-16 product-security@apple.com

Apple iOS

2.4

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Jan 16, 2026 - 18:16 nvd

LOW 2.4

DescriptionNVD

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen.

AnalysisAI

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. [CVSS 2.4 LOW]

Technical ContextAI

Classified as CWE-284 (Improper Access Control). Affects Ipados. This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen.