7.8
CVE-2024-27828
- EPSS 0.06%
- Veröffentlicht 10.06.2024 21:15:50
- Zuletzt bearbeitet 21.11.2024 09:05:11
- Quelle product-security@apple.com
- Teams Watchlist Login
- Unerledigt Login
The issue was addressed with improved memory handling. This issue is fixed in visionOS 1.2, watchOS 10.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to execute arbitrary code with kernel privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.176 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-786 Access of Memory Location Before Start of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
CWE-788 Access of Memory Location After End of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.