Multiple vulnerabilities in Apple iOS 18 and iPadOS 18



| Updated: 2025-04-25
Risk High
Patch available YES
Number of vulnerabilities 48
CVE-ID CVE-2024-44180
CVE-2024-44167
CVE-2024-40826
CVE-2024-44202
CVE-2024-44127
CVE-2024-40863
CVE-2024-44139
CVE-2024-44170
CVE-2023-5841
CVE-2024-44184
CVE-2024-27879
CVE-2024-40857
CVE-2024-44187
CVE-2024-40856
CVE-2024-44147
CVE-2024-44183
CVE-2024-40840
CVE-2024-44124
CVE-2024-40830
CVE-2024-44171
CVE-2024-40852
CVE-2024-27874
CVE-2024-27876
CVE-2024-27869
CVE-2024-44131
CVE-2024-40791
CVE-2024-40850
CVE-2024-27880
CVE-2024-44176
CVE-2024-44169
CVE-2024-44165
CVE-2024-44191
CVE-2024-44198
CVE-2024-44217
CVE-2024-40853
CVE-2024-44126
CVE-2024-44155
CVE-2024-44144
CVE-2024-44123
CVE-2024-44145
CVE-2024-54469
CVE-2024-44122
CVE-2024-54560
CVE-2024-44179
CVE-2024-54558
CVE-2024-54467
CVE-2024-44192
CVE-2024-44227
CWE-ID CWE-254
CWE-264
CWE-312
CWE-287
CWE-200
CWE-122
CWE-119
CWE-79
CWE-693
CWE-345
CWE-388
CWE-371
CWE-20
CWE-362
CWE-61
CWE-532
CWE-125
CWE-284
CWE-190
CWE-1021
Exploitation vector Network
Public exploit Public exploit code for vulnerability #23 is available.
Vulnerable software
iPadOS
Operating systems & Components / Operating system

Apple iOS
Operating systems & Components / Operating system

Vendor Apple Inc.

Security Bulletin

This security bulletin contains information about 48 vulnerabilities.

1) Security features bypass

EUVDB-ID: #VU97411

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44180

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to missing checks in Siri. An attacker with physical access to device can access contacts from the lock screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU97352

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44167

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to overwrite arbitrary files on the system.

The vulnerability exists due to improper management of permissions in Notes. A local application can overwrite arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Cleartext storage of sensitive information

EUVDB-ID: #VU97389

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40826

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to an error when handling files in Printing app, which can save an unencrypted document to a temporary file when using print preview. A local application can gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Authentication

EUVDB-ID: #VU97408

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44202

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows an attacker to bypass authentication process.

The vulnerability exists due to a missing authentication in the the Safari private browsing feature. An attacker with physical access to device can obtain sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Improper Authentication

EUVDB-ID: #VU97367

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44127

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to missing authentication. An attacker with physical access to device can access Safari private browsing without authentication.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Information disclosure

EUVDB-ID: #VU97409

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40863

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in Sandbox. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Security features bypass

EUVDB-ID: #VU97410

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44139

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to missing checks in Siri. An attacker with physical access to device can access contacts from the lock screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Information disclosure

EUVDB-ID: #VU97391

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44170

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the way Siri stores sensitive information. A local application can access user-sensitive data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Heap-based buffer overflow

EUVDB-ID: #VU86235

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-5841

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when validating the number of scanline samples of a OpenEXR file containing deep scanline data. A remote attacker can pass specially crafted file to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU97363

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44184

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improperly imposed security restrictions in Transparency. A local application can gain access to sensitive user information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Buffer overflow

EUVDB-ID: #VU97368

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-27879

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in UIKit. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Universal cross-site scripting

EUVDB-ID: #VU97351

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-40857

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Protection Mechanism Failure

EUVDB-ID: #VU97350

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44187

CWE-ID: CWE-693 - Protection Mechanism Failure

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error when handling "iframe" elements in WebKit. A remote attacker can exfiltrate data cross-origin.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Insufficient verification of data authenticity

EUVDB-ID: #VU97398

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-40856

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to disconnect the device from a trusted Wi-Fi network.

The vulnerability exists due to incorrect integrity checks. A remote attacker can force a device to disconnect from a secure network.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU97407

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44147

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to a state error in the NetworkExtension component. A local application can gain unauthorized access to Local Network.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Improper error handling

EUVDB-ID: #VU97348

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44183

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an logic issue in mDNSResponder when handling errors. A local application can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) State Issues

EUVDB-ID: #VU97402

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40840

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to a state management error within the Accessibility feature. An attacker with physical access to device can use Siri to obtain sensitive user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Improper Authentication

EUVDB-ID: #VU97406

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-44124

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error when authenticating pairing devices via Bluetooth. A malicious Bluetooth device can bypass pairing process and gain unauthorized access to the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Information disclosure

EUVDB-ID: #VU97403

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40830

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the Accessibility feature. A local application can enumerate installed apps on the device.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Security features bypass

EUVDB-ID: #VU97365

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44171

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to a state management error in the accessibility feature. An attacker with physical access to device can control nearby devices.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Improper Authentication

EUVDB-ID: #VU97404

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40852

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to an error in the Accessibility feature. An attacker with physical access to device can see recent photos without authentication in Assistive Access.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Input validation error

EUVDB-ID: #VU97405

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-27874

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in Cellular component. A remote attacker can send specially crafted input to the device and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Race condition

EUVDB-ID: #VU97337

Risk: High

CVSSv4.0: 7.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2024-27876

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a race condition within the Compression component. A remote attacker can trick the victim into unpacking a specially crafted file and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

24) Security features bypass

EUVDB-ID: #VU97378

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27869

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper checks in Control Center. A local application can record the screen without an indicator.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) UNIX symbolic link following

EUVDB-ID: #VU97382

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44131

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to a symlink following issue in FileProvider. A local application can gain access to sensitive user data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU97346

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40791

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the Mail Accounts app stores sensitive information into log files. A local user can read the log files and gain access to sensitive data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU97339

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40850

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists in Game Center due to improperly imposed security restrictions. A local application can gain unauthorized access to certain files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Input validation error

EUVDB-ID: #VU97340

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27880

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in ImageIO. A remote attacker can trick the victim into opening a specially crafted image file and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds read

EUVDB-ID: #VU97341

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44176

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in ImageIO. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Buffer overflow

EUVDB-ID: #VU97344

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44169

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in IOSurfaceAccelerator. A local application can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Information disclosure

EUVDB-ID: #VU97345

Risk: Low

CVSSv4.0: 0.6 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44165

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the way the macOS kernel handles DHCP packets with an active VPN tunnel. A remote attacker can perform TunnelVision attack and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Improper access control

EUVDB-ID: #VU97366

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44191

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local application to gain access to Bluetooth.

The vulnerability exists due to improper access restrictions in kernel. A local application can gain unauthorized access to Bluetooth.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Integer overflow

EUVDB-ID: #VU97385

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-44198

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in libxml2. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU105374

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44217

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to a logic error in Passwords, which can fill in credentials after failing authentication. A local application can gain unauthorized access to the victim's password and a third-party service.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: before

iPadOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU105376

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40853

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in Siri. An attacker with physical access to device can use Siri to enable Auto-Answer Calls on a locked device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: before

iPadOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Heap-based buffer overflow

EUVDB-ID: #VU99362

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-44126

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary error in ARKit. A remote attacker can trick the victim into opening a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Input validation error

EUVDB-ID: #VU99424

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-44155

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper validation of custom URL scheme in Safari. A remote attacker can trick the victim into visiting a specially crafted website and violate iframe sandboxing policy.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Buffer overflow

EUVDB-ID: #VU99404

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44144

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing files in SceneKit. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU105335

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44123

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improperly imposed security restrictions in Security feature. A local application with root privileges on the device can access keyboard input and location information without user consent.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Security features bypass

EUVDB-ID: #VU105343

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44145

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows an attacker to bypass the lock screen protection.

The vulnerability exists due to a state management issue in Sidecar. An attacker with physical access to device with Sidecar enabled can bypass the Lock Screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Information disclosure

EUVDB-ID: #VU105260

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-54469

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to excessive data output by the FileProvider. A local user can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Security features bypass

EUVDB-ID: #VU99378

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44122

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a sandbox process to bypass implemented security restrictions.

The vulnerability exists due to a logic issue in LaunchServices. A local application can break out of its sandbox.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU105364

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-54560

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to bypass implemented security restrictions.

The vulnerability exists due to improper privilege management in LaunchServices. A local application can modify other apps without having App Management permission.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Protection Mechanism Failure

EUVDB-ID: #VU105366

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44179

CWE-ID: CWE-693 - Protection Mechanism Failure

Exploit availability: No

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to presence of insecure features in Siri on a locked device. An attacker with physical access to device can read contact numbers from the lock screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Improper Restriction of Rendered UI Layers or Frames

EUVDB-ID: #VU105367

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-54558

CWE-ID: CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

Exploit availability: No

Description

The vulnerability allows a local application to perform clickjacking attack.

The vulnerability exist due to incorrect out-of-process view handling in TCC. A local application can trick the victim into granting access to photos from the user's photo library.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Information disclosure

EUVDB-ID: #VU105258

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-54467

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a state management issue in WebKit. A remote attacker can trick the victim into visiting a specially crafted webpage and exfiltrate data cross-origin.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Input validation error

EUVDB-ID: #VU105259

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44192

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in WebKit. A remote attacker can trick the victim into visiting a specially crafted webpage and crash the browser.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Buffer overflow

EUVDB-ID: #VU105368

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44227

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the Wi-Fi component. A local application can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: before

Apple iOS: before

CPE2.3 External links

https://support.apple.com/en-us/121250


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###