CVE-2024-23225
Apple Multiple Products Memory Corruption Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
YesDecision
Descriptions
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
Se solucionó un problema de corrupción de memoria con una validación mejorada. Este problema se solucionó en iOS 16.7.6 y iPadOS 16.7.6, iOS 17.4 y iPadOS 17.4. Un atacante con capacidad arbitraria de lectura y escritura del kernel puede eludir las protecciones de la memoria del kernel. Apple tiene conocimiento de un informe que indica que este problema puede haber sido aprovechado.
Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.
CVSS Scores
SSVC
- Decision:Act
Timeline
- 2024-01-12 CVE Reserved
- 2024-03-05 CVE Published
- 2024-03-06 Exploited in Wild
- 2024-03-27 KEV Due Date
- 2024-05-24 EPSS Updated
- 2024-08-28 CVE Updated
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (16)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2024/Mar/18 | Mailing List |
|
| http://seclists.org/fulldisclosure/2024/Mar/19 | Mailing List |
|
| http://seclists.org/fulldisclosure/2024/Mar/21 | Mailing List |
|
| http://seclists.org/fulldisclosure/2024/Mar/22 | Mailing List |
|
| http://seclists.org/fulldisclosure/2024/Mar/23 | Mailing List |
|
| http://seclists.org/fulldisclosure/2024/Mar/24 | Mailing List |
|
| http://seclists.org/fulldisclosure/2024/Mar/25 | Mailing List |
|
| http://seclists.org/fulldisclosure/2024/Mar/26 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.apple.com/en-us/HT214081 | 2024-07-03 | |
| https://support.apple.com/en-us/HT214082 | 2024-07-03 | |
| https://support.apple.com/kb/HT214083 | 2024-07-03 | |
| https://support.apple.com/kb/HT214084 | 2024-07-03 | |
| https://support.apple.com/kb/HT214085 | 2024-07-03 | |
| https://support.apple.com/kb/HT214086 | 2024-07-03 | |
| https://support.apple.com/kb/HT214087 | 2024-07-03 | |
| https://support.apple.com/kb/HT214088 | 2024-07-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Ipad Os Search vendor "Apple" for product "Ipad Os" | < 16.7.6 Search vendor "Apple" for product "Ipad Os" and version " < 16.7.6" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Ipad Os Search vendor "Apple" for product "Ipad Os" | >= 17.0 < 17.4 Search vendor "Apple" for product "Ipad Os" and version " >= 17.0 < 17.4" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | < 16.7.6 Search vendor "Apple" for product "Iphone Os" and version " < 16.7.6" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | >= 17.0 < 17.4 Search vendor "Apple" for product "Iphone Os" and version " >= 17.0 < 17.4" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | >= 12.0 < 12.7.4 Search vendor "Apple" for product "Macos" and version " >= 12.0 < 12.7.4" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | >= 13.0 < 13.6.5 Search vendor "Apple" for product "Macos" and version " >= 13.0 < 13.6.5" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | >= 14.0 < 14.4 Search vendor "Apple" for product "Macos" and version " >= 14.0 < 14.4" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Tvos Search vendor "Apple" for product "Tvos" | < 17.4 Search vendor "Apple" for product "Tvos" and version " < 17.4" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Visionos Search vendor "Apple" for product "Visionos" | < 1.1 Search vendor "Apple" for product "Visionos" and version " < 1.1" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Watchos Search vendor "Apple" for product "Watchos" | < 10.4 Search vendor "Apple" for product "Watchos" and version " < 10.4" | - |
Affected
| ||||||