Apple Fixes Process Crash Vulnerability in iOS 17.6
CVE-2024-44185

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Watch OS; Mac OS; Safari; iOS And iPad OS
Vendor: CVE Published:; 24 October 2024

Summary

The issue was addressed with improved checks. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.

Affected Version(s)

iOS and iPadOS < 17.6

macOS < 14.6

Safari < 17.6

References

https://support.apple.com/en-us/120916

https://support.apple.com/en-us/120911

https://support.apple.com/en-us/120913

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 24, 2024
Vulnerability Reserved
Aug 20, 2024