CVE-2024-23225 - Apple Multiple Products Memory Corruption Vulnerability

: Apple | Multiple Products

Date Added:
2024-03-06

Due Date:
2024-03-27

Vulnerability Name: Apple Multiple Products Memory Corruption Vulnerability

Description: Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085, https://support.apple.com/en-us/HT214086, https://support.apple.com/en-us/HT214087, https://support.apple.com/en-us/HT214088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23225

Related News Articles: Apple backports fix for zero-day exploited in attacks to older iPhonesMay 14, 2024

Free online web security scanner

Don't show website scan report rating on the leaderboard