Type Confusion Vulnerability in macOS and iOS by Apple
CVE-2024-54507

5.5MEDIUM

Key Information:

Vendor
Apple
Status
Mac OS
iOS And iPad OS
Vendor
CVE Published:
27 January 2025

Badges

📈 Score: 586👾 Exploit Exists🟡 Public PoC📰 News Worthy

What is CVE-2024-54507?

CVE-2024-54507 is a type confusion vulnerability found in Apple’s macOS and iOS operating systems. This security flaw could allow an attacker with user privileges to read sensitive kernel memory, potentially exposing critical information and compromising the integrity of the system. Given the widespread use of macOS and iOS devices in both personal and organizational environments, this vulnerability poses a significant risk, as unauthorized access to kernel memory can lead to further exploitation and data breaches.

Technical Details

The vulnerability arises from improper memory handling, which is characteristic of type confusion issues. Specifically, it impacts the way the operating system manages memory types, potentially allowing attackers to manipulate memory allocation in a way that can reveal sensitive system information. Apple has addressed this flaw in recent updates: macOS Sequoia 15.2, iOS 18.2, and iPadOS 18.2 have been released to mitigate the risks associated with this vulnerability.

Potential Impact of CVE-2024-54507

  1. Unauthorized Access to Sensitive Data: The capability to read kernel memory could enable attackers to access confidential information, including credentials, personal data, and system configurations, which could be utilized for further attacks or data exfiltration.

  2. Increased Risk of System Compromise: By leveraging this vulnerability, an attacker could potentially escalate privileges or execute malicious code within the system, leading to a full compromise of the device and potentially affecting the broader network it connects to.

  3. Threat to Organizational Security: For organizations relying on Apple devices, the presence of this vulnerability increases the risk of targeted attacks that could exploit this weakness, potentially leading to significant downtime, financial loss, and damage to the organization’s reputation.

Affected Version(s)

iOS and iPadOS < 18.2

macOS < 15.2

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-54507
Created by jprx

News Articles

favicon imageBad Sector Labs Blog

Last Week in Security (LWiS) - 2025-01-27

0-click deanonymization (@hackermondev), Subaru hacks (@samwcyo + @infosec_au), 🍪 sandwitch (@d4d89704243), Entra Connect attacks (@hotnops), Kerberos relaying via HTTP (@croco_byte), and more!

1 week ago

favicon imagedaily.dev

SUSCTL: CVE-2024-54507 | daily.dev

A significant vulnerability, CVE-2024-54507, was discovered in macOS 15.0 where the use of sysctl command could lead to a kernel crash due to an invalid load. The issue was traced to integer type confusion in the sysctl_udp_log_port handler, leading to a kernel memory leak. The bug was reported and ...

2 weeks ago

References

https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121837

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by daily.dev

  • Vulnerability Reserved

.