Lucene search
HistoryJun 10, 2024 - 9:15 p.m.
CVE-2024-27828
cve-2024-27828
memory handling
arbitrary code execution
kernel privileges
visionos
watchos
tvos
ios
ipados
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
23.8%
The issue was addressed with improved memory handling. This issue is fixed in visionOS 1.2, watchOS 10.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to execute arbitrary code with kernel privileges.
Affected configurations
Node
appleipadosRange<17.5
ORappleiphone_osRange<17.5
ORappletvosRange<17.5
ORapplevisionosRange<1.2
ORapplewatchosRange<17.5
Related
cvelist
cvelist
CVE-2024-27828
2024-06-10 20:56:36
vulnrichment
vulnrichment
CVE-2024-27828
2024-06-10 20:56:36
cve
cve
CVE-2024-27828
2024-06-10 21:15:50
apple
apple
About the security content of visionOS 1.2
2024-06-10 00:00:00
About the security content of watchOS 10.5
2024-05-13 00:00:00
About the security content of tvOS 17.5
2024-05-13 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
23.8%
Related for NVD:CVE-2024-27828