CVE-2024-54523

MEDIUM

iPadOS < 18.2 - Out-of-bounds Write in Coprocessor Memory

Title source: llm

Description

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.

References (4)

Core 4

Core References

Release Notes, Vendor Advisory

https://support.apple.com/en-us/121837

Release Notes, Vendor Advisory

https://support.apple.com/en-us/121839

Release Notes, Vendor Advisory

https://support.apple.com/en-us/121843

Release Notes, Vendor Advisory

https://support.apple.com/en-us/121844

Scores

CVSS v3 6.3

EPSS 0.0027

EPSS Percentile 50.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (9)

Apple/iOS and iPadOS < 18.2

apple/ipados < 18.2

apple/iphone_os < 18.2

apple/macos < 15.2

Apple/macOS < 15.2

apple/tvos < 18.2

Apple/tvOS < 18.2

apple/watchos < 11.2

Apple/watchOS < 11.2

Published Jan 27, 2025

Tracked Since Feb 18, 2026