CVE-2024-27796

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An attacker may be able to elevate privileges.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.4 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
http://seclists.org/fulldisclosure/2024/May/10
http://seclists.org/fulldisclosure/2024/May/12
https://support.apple.com/en-us/HT214101
https://support.apple.com/en-us/HT214106
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214101
https://support.apple.com/kb/HT214105
https://support.apple.com/kb/HT214106
https://support.apple.com/kb/HT214107

Configurations

No configuration.

History

No history.

Information

Published : 2024-05-14 15:13

Updated : 2024-07-03 01:50

NVD link : CVE-2024-27796

Mitre link : CVE-2024-27796

CVE.ORG link : CVE-2024-27796

JSON object : View

Products Affected

No product.

CWE

CWE-1325

Improperly Controlled Sequential Memory Allocation

8.1 /10