PT-2024-7943 · Apple+5 · Visionos+10

Manfp

Published

2023-07-18

Updated

2025-11-25

CVE-2024-27833

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions tvOS versions prior to 17.5 iOS versions prior to 16.7.8 and prior to 17.5 iPadOS versions prior to 16.7.8 and prior to 17.5 visionOS version prior to 1.2 Safari version prior to 17.5

Description An integer overflow was addressed with improved input validation. Processing maliciously crafted web content may lead to arbitrary code execution. A remote attacker may be able to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations For tvOS versions prior to 17.5, update to tvOS 17.5. For iOS versions prior to 16.7.8, update to iOS 16.7.8. For iOS versions prior to 17.5, update to iOS 17.5. For iPadOS versions prior to 16.7.8, update to iPadOS 16.7.8. For iPadOS versions prior to 17.5, update to iPadOS 17.5. For visionOS version prior to 1.2, update to visionOS 1.2. For Safari version prior to 17.5, update to Safari 17.5.

Exploit

Fix

RCE

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

BDU:2024-09448

CESA-2023_4202

CVE-2024-27833

DSA-5695-1

MGASA-2025-0313

OPENSUSE-SU-2024_3752-1

OPENSUSE-SU-2024_3869-1

RHSA-2023:4201

RHSA-2023:4202

RHSA-2023_4201

RHSA-2023_4202

RHSA-2024:8496

RHSA-2024:9638

RHSA-2024:9646

RHSA-2024:9653

RHSA-2024:9679

RHSA-2024:9680

RHSA-2025:10364

SUSE-SU-2024:3751-1

SUSE-SU-2024:3752-1

SUSE-SU-2024:3869-1

SUSE-SU-2024:3870-1

ZDI-25-092

Affected Products

Astra Linux

Centos

Debian

Apple Macos

Red Hat

Safari

Suse

Ios

Ipados

Tvos

Visionos

PT-2024-7943 · Apple+5 · Visionos+10

CVE-2024-27833

Weakness Enumeration

Related Identifiers

Affected Products

References · 72