Multiple vulnerabilities in Apple iOS 17 and iPadOS 17
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 40 |
| CVE-ID | CVE-2024-23243 CVE-2024-23225 CVE-2024-23296 CVE-2024-23256 CVE-2024-23240 CVE-2024-23262 CVE-2024-23291 CVE-2024-23288 CVE-2024-23277 CVE-2024-23250 CVE-2024-23205 CVE-2022-48554 CVE-2024-23270 CVE-2024-23286 CVE-2024-23235 CVE-2024-23265 CVE-2024-23278 CVE-2024-0258 CVE-2024-23297 CVE-2024-23287 CVE-2024-23264 CVE-2024-23255 CVE-2024-23220 CVE-2024-23259 CVE-2024-23273 CVE-2024-23239 CVE-2024-23290 CVE-2024-23231 CVE-2024-23292 CVE-2024-23289 CVE-2024-23293 CVE-2024-23241 CVE-2024-23242 CVE-2024-23246 CVE-2024-23226 CVE-2024-23252 CVE-2024-23254 CVE-2024-23263 CVE-2024-23280 CVE-2024-23284 |
| CWE-ID | CWE-264 CWE-119 CWE-200 CWE-287 CWE-451 CWE-532 CWE-125 CWE-362 CWE-254 CWE-20 CWE-284 CWE-371 |
| Exploitation vector | Network |
| Public exploit |
Vulnerability #2 is being exploited in the wild. Vulnerability #3 is being exploited in the wild. |
| Vulnerable software Subscribe |
iPadOS Operating systems & Components / Operating system Apple iOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 40 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU87135
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23243
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improperly imposed security restrictions within the Accessibility feature. A malicious application can read sensitive location information.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU87134
Risk: High
CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-23225
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the OS kernel. A malicious application can trigger memory corruption and execute arbitrary code on the target system.
Note, the vulnerability is being actively exploited in the wild.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
3) Buffer overflow
EUVDB-ID: #VU87136
Risk: High
CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-23296
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in RTKit. A malicious application can trigger memory corruption and execute arbitrary code on the target system.
Note, the vulnerability is being actively exploited in the wild.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
4) Information disclosure
EUVDB-ID: #VU87137
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23256
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to potentially sensitive information.
The vulnerability exists due to an error in Safari. A user's locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper Authentication
EUVDB-ID: #VU87314
Risk: Low
CVSSv3.1: 1.8 [CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23240
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows an attacker to perform unauthorized actions.
The vulnerability exists due to improper authentication checks in Shake-to-undo in Photos. An attacker with physical access to device can restore a previously deleted photo.
Install updates from vendor's website.
Vulnerable software versionsApple iOS: 17.0 21A326 - 17.3.1 21D61
iPadOS: 17.0 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Spoofing attack
EUVDB-ID: #VU87275
Risk: Low
CVSSv3.1: 3.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23262
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a local application to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data within the Accessibility feature. A local application can spoof system notifications and UI.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU87241
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23291
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to Accessibility feature stores sensitive information into log files. A local user can read the log files and gain access to sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU87243
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23288
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to AppleMobileFileIntegrity does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Spoofing attack
EUVDB-ID: #VU87244
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23277
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper input validation in Bluetooth. An attacker with access to a privileged local network can inject keystrokes by spoofing a keyboard.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU87247
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23250
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improperly imposed permissions in CoreBluetooth - LE. A local application can access Bluetooth-connected microphones without user permission.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU87248
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23205
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to ExtensionKit stores sensitive information into log files. A local user can read the log files and gain access to sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Out-of-bounds read
EUVDB-ID: #VU80421
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48554
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the file_copystr() function in funcs.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and crash the application.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Buffer overflow
EUVDB-ID: #VU87217
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23270
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in Image Processing. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Buffer overflow
EUVDB-ID: #VU87218
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23286
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ImageIO. A remote attacker can create a specially crafted image file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Race condition
EUVDB-ID: #VU87251
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23235
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a race condition within the OS kernel. A local application can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Buffer overflow
EUVDB-ID: #VU87222
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23265
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Security features bypass
EUVDB-ID: #VU87252
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23278
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to improper checks in libxpc. A local application can break out of its sandbox.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Buffer overflow
EUVDB-ID: #VU87253
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-0258
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in libxpc. A local application can trigger memory corruption and execute arbitrary code out of its sandbox or with certain elevated privileges.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Information disclosure
EUVDB-ID: #VU87274
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23297
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in MediaRemote. A local application can gain unauthorized access to private information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Input validation error
EUVDB-ID: #VU87255
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23287
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to insufficient validation of temporary files in Messages. A local application can gain access to sensitive user information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Out-of-bounds read
EUVDB-ID: #VU87225
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23264
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper access control
EUVDB-ID: #VU87257
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23255
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to improper state management in Photos. An attacker with access to the device can view Photos in the Hidden Photos Album without authentication.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Information disclosure
EUVDB-ID: #VU87277
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23220
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in Safari when handling cache. A local application can fingerprint the user.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Input validation error
EUVDB-ID: #VU87259
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23259
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in Safari. A remote attacker can trick the victim to open a specially crafted website and crash the browser.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) State Issues
EUVDB-ID: #VU87235
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23273
CWE-ID:
CWE-371 - State Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a state issue in Safari Private Browsing feature. A remote attacker can access private browsing tabs without authentication.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Information disclosure
EUVDB-ID: #VU87261
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23239
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a state issue in Sandbox. A local application can gain access to sensitive user information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Information disclosure
EUVDB-ID: #VU87262
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23290
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a improper access restrictions in Sandbox. A local application can gain access to sensitive user information. MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU87264
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23231
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to Share Sheet stores sensitive information into log files. A local user can read the log files and gain access to sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper access control
EUVDB-ID: #VU87265
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23292
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in Shortcuts. A local application can access sensitive user information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Security features bypass
EUVDB-ID: #VU87266
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23289
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to a state issue in Siri. An attacker with physical access to device can bypass the lock screen and use Siri to access private calendar information.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Security features bypass
EUVDB-ID: #VU87267
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23293
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to a state issue in Siri. An attacker with physical access to device can use Siri to access private calendar information.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Information disclosure
EUVDB-ID: #VU87268
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23241
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in Spotlight. A local application can gain unauthorized access to sensitive user information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU87269
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23242
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to Synapse stores sensitive information into log files. A local application can view Mail data.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Security features bypass
EUVDB-ID: #VU87272
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23246
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to an error in UIKit. A local application can break out of its sandbox.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Buffer overflow
EUVDB-ID: #VU87273
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23226
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Buffer overflow
EUVDB-ID: #VU87236
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23252
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted website and crash the browser.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Information disclosure
EUVDB-ID: #VU87238
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23254
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in WebKit. A remote attacker can exfiltrate audio data cross-origin.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Security features bypass
EUVDB-ID: #VU87237
Risk: Medium
CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23263
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an error when handling HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted web page and prevent Content Security Policy from being enforced.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Information disclosure
EUVDB-ID: #VU87240
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23280
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in WebKit. A remote attacker can fingerprint the user.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Security features bypass
EUVDB-ID: #VU87239
Risk: Medium
CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23284
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an error when handling HTML content in WebKit. A remote attacker can trick the victim to visit a specially crafted web page and prevent Content Security Policy from being enforced.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.3.1 21D61
Apple iOS: 17.0 21A326 - 17.3.1 21D61
External linkshttp://support.apple.com/en-us/HT214081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
