AI Score
Confidence
Low
EPSS
Percentile
47.9%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
[
{
"cpes": [
"cpe:2.3:o:apple:watchos:-:*:*:*:*:*:*:*"
],
"vendor": "apple",
"product": "watchos",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "10.6",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*"
],
"vendor": "apple",
"product": "macos",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "14.6",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*"
],
"vendor": "apple",
"product": "macos",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "13.6",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:apple:tvos:-:*:*:*:*:*:*:*"
],
"vendor": "apple",
"product": "tvos",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "17.6",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
seclists.org/fulldisclosure/2024/Jul/16
seclists.org/fulldisclosure/2024/Jul/18
seclists.org/fulldisclosure/2024/Jul/19
seclists.org/fulldisclosure/2024/Jul/21
seclists.org/fulldisclosure/2024/Jul/22
support.apple.com/en-us/HT214117
support.apple.com/en-us/HT214119
support.apple.com/en-us/HT214120
support.apple.com/en-us/HT214122
support.apple.com/en-us/HT214124