← back
CVE-2024-40815

CVE-2024-40815

CVSS 7.5 HIGHEPSS 1.1%CWE-352
A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Apple · iOS and iPadOSApple · macOSApple · tvOSApple · watchOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2024/Jul/16http://seclists.org/fulldisclosure/2024/Jul/18http://seclists.org/fulldisclosure/2024/Jul/19http://seclists.org/fulldisclosure/2024/Jul/21http://seclists.org/fulldisclosure/2024/Jul/22https://support.apple.com/en-us/120909https://support.apple.com/en-us/120911https://support.apple.com/en-us/120912https://support.apple.com/en-us/120914https://support.apple.com/en-us/120916https://support.apple.com/en-us/HT214117https://support.apple.com/en-us/HT214119