Apple Watchos11.2 vulnerabilities

CVE-2024-54534 [CRITICAL] CVE-2024-54534: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54534 Component: WebKit Impact: Processing maliciously crafted web content may lead to memory corruption Description: The issue was addressed with improved memory handling.

CVE-2024-54512 [CRITICAL] CVE-2024-54512: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54512 Component: Face Gallery Impact: A system binary could be used to fingerprint a user's Apple Account Description: The issue was addressed by removing the relevant flags.

CVE-2024-54530 [CRITICAL] CVE-2024-54530: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54530 Component: Passkeys Impact: Password autofill may fill in passwords after failing authentication Description: The issue was addressed with improved checks.

CVE-2024-54542 [CRITICAL] CVE-2024-54542: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54542 Component: Safari Private Browsing Impact: Private Browsing tabs may be accessed without authentication Description: An authentication issue was addressed with improved state management.

CVE-2024-54525 [HIGH] CVE-2024-54525: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54525 Component: MobileBackup Impact: Restoring a maliciously crafted backup file may lead to modification of protected system files Description: A logic issue was addressed with improved file handling.

CVE-2024-54499 [HIGH] CVE-2024-54499: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54499 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A use-after-free issue was addressed with improved memory management.

CVE-2024-45490 [HIGH] CVE-2024-45490: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-45490 Component: CVE-2024-45490 Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved checks.

CVE-2024-54505 [HIGH] CVE-2024-54505: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54505 Component: WebKit Impact: Processing maliciously crafted web content may lead to memory corruption Description: A type confusion issue was addressed with improved memory handling.

CVE-2024-54517 [HIGH] CVE-2024-54517: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54517 Component: IOMobileFrameBuffer Impact: An app may be able to corrupt coprocessor memory Description: The issue was addressed with improved bounds checks.

CVE-2024-54479 [HIGH] CVE-2024-54479: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54479 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved checks.

CVE-2024-54522 [HIGH] CVE-2024-54522: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54522 Component: IOMobileFrameBuffer Impact: An app may be able to corrupt coprocessor memory Description: The issue was addressed with improved bounds checks.

CVE-2024-54468 [HIGH] CVE-2024-54468: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54468 Component: Kernel Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved checks.

CVE-2024-44225 [HIGH] CVE-2024-44225: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-44225 Component: CVE-2024-45490 Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved checks.

CVE-2024-54543 [HIGH] CVE-2024-54543: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54543 Component: WebKit Impact: Processing maliciously crafted web content may lead to memory corruption Description: The issue was addressed with improved memory handling.

CVE-2024-54514 [HIGH] CVE-2024-54514: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54514 Component: CVE-2024-45490 Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved checks.

CVE-2024-54508 [HIGH] CVE-2024-54508: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54508 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved memory handling.

CVE-2024-54510 [MEDIUM] CVE-2024-54510: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54510 Component: Kernel Impact: An app may be able to leak sensitive kernel state Description: A race condition was addressed with improved locking.

CVE-2024-54497 [MEDIUM] CVE-2024-54497: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54497 Component: QuartzCore Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved checks.

CVE-2024-54513 [MEDIUM] CVE-2024-54513: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54513 Component: Crash Reporter Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-54494 [MEDIUM] CVE-2024-54494: watchOS11.2 Apple Security Update: About the security content of watchOS11.2 Product: watchOS11.2 CVE: CVE-2024-54494 Component: Kernel Impact: An attacker may be able to create a read-only memory mapping that can be written to Description: A race condition was addressed with additional validation.