CVE-2024-23225

CVSS v3.1

7.8

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions iPadOS versions prior to 17.4 iOS versions prior to 17.4 macOS Monterey versions prior to 12.7.4 macOS Sonoma version 14.4 macOS Ventura versions prior to 13.6.5 tvOS version 17.4 visionOS version 1.1 watchOS version 10.4

Description This issue is a memory corruption problem addressed with improved validation. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of reports that this issue may have been exploited. The vulnerability resides in the kernel and involves writing beyond allocated memory boundaries.

Recommendations Update iPadOS to version 17.4. Update iOS to version 17.4. Update macOS Monterey to version 12.7.4. Update macOS Sonoma to version 14.4. Update macOS Ventura to version 13.6.5. Update tvOS to version 17.4. Update visionOS to version 1.1. Update watchOS to version 10.4.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2024-02533

CVE-2024-23225

Affected Products

Apple Macos

Ios

Ipados

Tvos

Visionos

Watchos

CVE-2024-23225

Weakness Enumeration

Related Identifiers

Affected Products

References · 91