CVE-2024-23258

HIGH

Apple Macos < 14.4 - Out-of-Bounds Read

Title source: rule

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1. Processing an image may lead to arbitrary code execution.

References (8)

Core 8

Core References

https://support.apple.com/en-us/120883

https://support.apple.com/en-us/120895

Mailing List

http://seclists.org/fulldisclosure/2024/Mar/21

Mailing List

http://seclists.org/fulldisclosure/2024/Mar/26

Vendor Advisory

https://support.apple.com/en-us/HT214084

Vendor Advisory

https://support.apple.com/en-us/HT214087

Vendor Advisory

https://support.apple.com/kb/HT214084

Vendor Advisory

https://support.apple.com/kb/HT214087

Scores

CVSS v3 7.8

EPSS 0.0005

EPSS Percentile 14.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-125

Status published

Products (4)

Apple/macOS < 14.4

apple/macos 14.0 - 14.4

apple/visionos < 1.1

Apple/visionOS < 1.1

Published Mar 08, 2024

Tracked Since Feb 18, 2026