Denial of Service Vulnerability in Apple Devices
CVE-2024-54497

6.5MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS; TV OS; Visionos; Watch OS
Vendor: CVE Published:; 27 January 2025

Summary

A vulnerability in Apple's operating systems allows processing specific web content to potentially lead to a denial-of-service situation. This issue has been addressed with improved checks in the latest software updates. Users are encouraged to update to the following versions: iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2 to mitigate risks associated with this vulnerability.

Affected Version(s)

iOS and iPadOS < 18.2

iPadOS < 17.7

macOS < 14.7

References

https://support.apple.com/en-us/122069

https://support.apple.com/en-us/121844

https://support.apple.com/en-us/121845

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Dec 3, 2024