CVE-2024-27823
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
46.7%
A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, macOS Ventura 13.6.7, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5. An attacker in a privileged network position may be able to spoof network packets.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | ipados | * | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* |
| apple | iphone_os | * | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
| apple | macos | * | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
| apple | tvos | * | cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* |
| apple | visionos | * | cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* |
| apple | watchos | * | cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
References
seclists.org/fulldisclosure/2024/Jul/23
support.apple.com/en-us/HT214100
support.apple.com/en-us/HT214101
support.apple.com/en-us/HT214102
support.apple.com/en-us/HT214104
support.apple.com/en-us/HT214105
support.apple.com/en-us/HT214106
support.apple.com/en-us/HT214107
support.apple.com/en-us/HT214123
support.apple.com/kb/HT214100
support.apple.com/kb/HT214101
support.apple.com/kb/HT214102
support.apple.com/kb/HT214104
support.apple.com/kb/HT214105
support.apple.com/kb/HT214106
support.apple.com/kb/HT214107
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
46.7%