Race Condition Vulnerability in Apple Devices Affecting Multiple OS Versions
CVE-2024-54510

5.1MEDIUM

Key Information:

Vendor: Apple
Status: Watch OS; TV OS; iPhone OS; Mac OS
Vendor: CVE Published:; 12 December 2024

What is CVE-2024-54510?

A race condition vulnerability exists in certain Apple operating systems, which can potentially allow an application to leak sensitive kernel state information. This flaw has been addressed with improved locking mechanisms to enhance the security posture of affected products. The issue impacts multiple devices and OS versions, highlighting the importance of applying the latest security updates to prevent unauthorized access to critical system data.

References

https://support.apple.com/en-us/121837

https://support.apple.com/en-us/121838

https://support.apple.com/en-us/121839

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2024