CVE-2024-27801

HIGH

iPadOS < 17.5 - Privilege Escalation

Title source: llm
STIX 2.1

Description

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to elevate privileges.

References (16)

Core 16
Core References
Mailing List, Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jun/5

Scores

CVSS v3 7.8
EPSS 0.0007
EPSS Percentile 21.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

Status published
Products (11)
Apple/iOS and iPadOS < 17.5
apple/ipados < 17.5
apple/iphone_os < 17.5
Apple/macOS < 14.5
apple/macos 14.0 - 14.5
apple/tvos < 17.5
Apple/tvOS < 17.5
apple/visionos < 1.2
Apple/visionOS < 1.2
apple/watchos < 10.5
... and 1 more
Published Jun 10, 2024
Tracked Since Feb 18, 2026