CVE-2024-27847

CVSS v3.1

7.4

High

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.5 iPadOS versions prior to 17.5 macOS Sonoma versions prior to 14.5

Description: The issue allows an app to bypass Privacy preferences due to insufficient input validation in the Sync Services of iPadOS, iOS, and macOS operating systems. This could potentially impact the confidentiality, integrity, and availability of protected information.

Recommendations: For iOS versions prior to 17.5, update to iOS 17.5 or later to resolve the issue. For iPadOS versions prior to 17.5, update to iPadOS 17.5 or later to resolve the issue. For macOS Sonoma versions prior to 14.5, update to macOS Sonoma 14.5 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-277CWE-20

Related Identifiers

BDU:2024-05362

CVE-2024-27847

Affected Products

Apple Macos

Ios

Ipados

Macos Sonoma

CVE-2024-27847

Weakness Enumeration

Related Identifiers

Affected Products

References · 23