Apple Fixes Out-of-Bounds Write Issue in iOS 17.5, Other Platforms Affected
Key Information
- Vendor
- Apple
- Status
- iOS And iPad OS
- Mac OS
- Visionos
- Watch OS
- Vendor
- CVE Published:
- 10 June 2024
Badges
Summary
The vulnerability CVE-2024-27815 is a buffer overflow issue in the XNU kernel affecting various Apple platforms, including macOS, iOS, and watchOS. The vulnerability could allow an app to execute arbitrary code with kernel privileges. This issue has been publicly fixed with the release of updates for the affected platforms. It has been reported that the vulnerability has been exploited in the wild, but there is no specific information about its exploitation by ransomware groups. It is recommended for users to update their devices with the latest patches to mitigate the risk associated with this vulnerability.
Affected Version(s)
iOS and iPadOS < 17.5
macOS < 14.5
visionOS < 1.2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
The Cyber Post CVSS V3.1
Timeline
- π₯
Vulnerability reached the number 1 worldwide trending spot.
- πΎ
Exploit exists.
Vulnerability started trending.
First article discovered by The Cyber Post
Vulnerability published.
Vulnerability Reserved.