CVE-2024-23225
Apple Multiple Products Memory Corruption Vulnerability
CVSS
—
Sin CVSS
EPSS
1.5%
p71
KEV
SÍ
6 mar 2024
Exploit Today
71
0-100
Publicado: — · Última mod.: —
Producto
Apple / Multiple Products
Vulnerabilidad
Apple Multiple Products Memory Corruption Vulnerability
Añadido a KEV
6 mar 2024
Remediar antes de
27 mar 2024
Uso conocido en ransomware
No
Descripción resumida
Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085, https://support.apple.com/en-us/HT214086, https://support.apple.com/en-us/HT214087, https://support.apple.com/en-us/HT214088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23225