CVE-2024-23286

HIGH

Apple Ipados < 16.7.6 - Buffer Overflow

Title source: rule
STIX 2.1

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing an image may lead to arbitrary code execution.

References (29)

Core 29
Core References

Scores

CVSS v3 7.8
EPSS 0.0076
EPSS Percentile 73.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-120
Status published
Products (14)
Apple/iOS and iPadOS < 16.7.6
Apple/iOS and iPadOS < 17.4
apple/ipados < 16.7.6
apple/iphone_os < 16.7.6
Apple/macOS < 12.7.4
Apple/macOS < 13.6.5
Apple/macOS < 14.4
apple/macos 12.0 - 12.7.4
apple/tvos < 17.4
Apple/tvOS < 17.4
... and 4 more
Published Mar 08, 2024
Tracked Since Feb 18, 2026