← back
CVE-2024-23225

CVE-2024-23225

CVSS 7.8 HIGHEPSS 1.5%● KEVCWE-787
In short

A memory corruption flaw in Apple's operating systems allows an attacker with kernel-level access to bypass security protections that defend the core of the system. This is serious because it could enable further attacks that compromise the entire device.

Technical detail

This out-of-bounds write vulnerability (CWE-787) requires an attacker to already possess arbitrary kernel read/write capabilities. Successful exploitation permits circumvention of kernel memory protections (such as SMEP/SMAP), potentially enabling privilege escalation or further code execution with elevated privileges. Apple confirmed active exploitation in the wild.

Summary generated and translated by AI from the official description.
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Apple · iOS and iPadOSApple · macOSApple · tvOSApple · visionOSApple · watchOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2024/Mar/18http://seclists.org/fulldisclosure/2024/Mar/19http://seclists.org/fulldisclosure/2024/Mar/21http://seclists.org/fulldisclosure/2024/Mar/22http://seclists.org/fulldisclosure/2024/Mar/23http://seclists.org/fulldisclosure/2024/Mar/24http://seclists.org/fulldisclosure/2024/Mar/25http://seclists.org/fulldisclosure/2024/Mar/26https://support.apple.com/en-us/120880https://support.apple.com/en-us/120881https://support.apple.com/en-us/120882https://support.apple.com/en-us/120883