⚠ Actively exploited
Added to CISA KEV on 2024-03-06. Federal agencies required to patch by 2024-03-27. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CVE-2024-23225 — Out-of-bounds Write in Apple iOS and iPadOS
Severity
7.8 HIGH (NVD)
EPSS
0.2% (top 59.56%)
CISA KEV
Added 2024-03-06
Due 2024-03-27
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
Published: Mar 5
KEV added: Mar 6
KEV due: Mar 27
Latest update: Nov 25
Description
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9