Race Condition Vulnerability in Apple Products
CVE-2024-54494

5.9MEDIUM

Key Information:

Vendor: Apple
Status: Watch OS; TV OS; Visionos; iPhone OS
Vendor: CVE Published:; 12 December 2024

What is CVE-2024-54494?

This vulnerability arises from a race condition affecting several Apple operating systems, allowing attackers to potentially create a read-only memory mapping that can be written to, undermining data integrity and system reliability. Additional validation measures were implemented in the latest updates to mitigate this issue. Users are encouraged to update their devices to the latest software versions to ensure protection against potential exploitation.

References

https://support.apple.com/en-us/121837

https://support.apple.com/en-us/121838

https://support.apple.com/en-us/121839

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2024