Memory Corruption Vulnerability in Apple's iOS, macOS, and Other Products
CVE-2024-44244

4.3MEDIUM

Key Information:

Vendor: Apple
Status: Visionos; TV OS; Watch OS; iOS And iPad OS
Vendor: CVE Published:; 28 October 2024

Summary

A critical memory corruption vulnerability has been identified within Apple's software ecosystem, particularly affecting iOS, macOS, Safari, and other platforms. This flaw arises from improper input validation, which, when exploited, allows attackers to process maliciously crafted web content. Exploitation of this vulnerability can lead to unexpected application crashes, compromising the integrity and reliability of affected devices. Apple has released updates to remedy this issue in iOS 18.1, iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, and Safari 18.1, urging users to apply these updates to protect their systems.

Affected Version(s)

iOS and iPadOS < 18.1

macOS < 15.1

Safari < 18.1

References

https://support.apple.com/en-us/121566

https://support.apple.com/en-us/121569

https://support.apple.com/en-us/121565

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 28, 2024