Web Content Processing Vulnerability in Apple Products
CVE-2024-54479

7.5HIGH

Key Information:

Vendor: Apple
Status: Watch OS; Mac OS; TV OS; Safari
Vendor: CVE Published:; 12 December 2024

What is CVE-2024-54479?

A vulnerability has been identified in several Apple operating systems and the Safari browser, where the processing of maliciously crafted web content could result in unexpected process crashes. Apple has deployed improved checks to mitigate this issue in the latest updates for iPadOS, watchOS, visionOS, tvOS, macOS, and Safari. Users are encouraged to update their devices to the newest versions to ensure protection against potential exploitation.

References

https://support.apple.com/en-us/121837

https://support.apple.com/en-us/121838

https://support.apple.com/en-us/121839

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2024