Apple Fixes Video File Parsing Vulnerability in macOS, watchOS, tvOS, and iOS

CVE-2024-44232

5.5MEDIUM

Key Information

Vendor
Apple
Status
Mac OS
Visionos
iOS And iPad OS
TV OS
Vendor
CVE Published:
1 November 2024

Summary

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.

Affected Version(s)

macOS < 14.7

visionOS < 2.1

iOS and iPadOS < 17.7

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.