CVE-2024-27817
HIGHDescription
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. An app may be able to execute arbitrary code with kernel privileges.
Is your site exposed to CVE-2024-27817?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| apple | ipados |
| apple | ipados |
| apple | iphone_os |
| apple | iphone_os |
| apple | macos |
| apple | macos |
| apple | macos |
| apple | tvos |
| apple | visionos |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2024-27817? +
How severe is CVE-2024-27817? +
What products are affected by CVE-2024-27817? +
How do I check if I'm vulnerable to CVE-2024-27817? +
Related Vulnerabilities
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and …
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of /root during integrity …
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially …
pnpm is a package manager. Prior to 10.33.4 and 11.0.7, a malicious codeload.github.com server can serve whatever tarball it wants …
A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated …
KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stored credentials into documents rendered under a browser-enforced CSP directive and iframe …