Unexpected Termination of macOS Due to Maliciously Crafted Video File

CVE-2024-40841

Currently unrated 🤨

Key Information

Vendor: Apple
Vendor: CVE Published:; 17 September 2024

Badges

📰 News Worthy

Summary

The vulnerability with CVE number CVE-2024-40841 impacts Apple macOS and allows remote attackers to execute arbitrary code. The vulnerability is related to the processing of MOV files in the VTDecoderXPCService process, resulting from the lack of proper validation of user-supplied data, which can lead to unexpected app termination. Apple has issued an update to address this vulnerability, and user interaction is required to exploit it. No known exploit by ransomware groups has been reported at this time.

News Articles

SystemTek

CVE-2024-40841

Apple macOS AppleVADriver Out-Of-Bounds Write Remote Code Execution Vulnerability [CVE-2024-40841]

CVE number = CVE-2024-40841 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS, it has a CVSS score of 8.8 User interaction is required to exploit...

2 months ago

Timeline

First article discovered by SystemTek
Oct 4, 2024
Vulnerability published.
Sep 17, 2024

Collectors

NVD Database1 News Article(s)