7.8
CVE-2024-27817
- EPSS 0.18%
- Veröffentlicht 10.06.2024 21:15:50
- Zuletzt bearbeitet 02.04.2026 19:17:23
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. An app may be able to execute arbitrary code with kernel privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.079 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-353 Missing Support for Integrity Check
The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum.
https://support.apple.com/kb/HT214107
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214101
https://support.apple.com/kb/HT214106
https://support.apple.com/en-us/HT214105
https://support.apple.com/kb/HT214105
https://support.apple.com/en-us/HT214106
https://support.apple.com/en-us/HT214100
https://support.apple.com/en-us/HT214107
https://support.apple.com/en-us/HT214101
https://support.apple.com/en-us/HT214102
https://support.apple.com/kb/HT214102
http://seclists.org/fulldisclosure/2024/Jun/5
https://support.apple.com/en-us/HT214108
https://support.apple.com/kb/HT214108
https://support.apple.com/en-us/120898
https://support.apple.com/en-us/120901
https://support.apple.com/en-us/120903
https://support.apple.com/en-us/120905
https://support.apple.com/en-us/120906
https://support.apple.com/en-us/120899
https://support.apple.com/en-us/120900