State Management Vulnerability in Apple Products
CVE-2024-54564

6.5MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS; iOS And iPad OS; Visionos
Vendor: CVE Published:; 21 March 2025

Summary

A state management vulnerability was identified in Apple products where files received via AirDrop did not apply the quarantine flag properly, potentially allowing the execution of unverified files. This issue has been addressed in the latest updates for visionOS, macOS, iOS, and iPadOS, enhancing the security posture of the devices.

Affected Version(s)

iOS and iPadOS < 17.6

macOS < 14.6

visionOS < 1.3

References

https://support.apple.com/en-us/120911

https://support.apple.com/en-us/120909

https://support.apple.com/en-us/120915

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 21, 2025