CVE-2024-27791 - Vulnerability Details - OpenCVE

The issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5 and iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3. An app may be able to corrupt coprocessor memory.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Ipados Iphone Os Macos Tvos

Configuration 1 [-]

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::

No data.

References

Link	Providers
https://support.apple.com/en-us/HT214055
https://support.apple.com/en-us/HT214057
https://support.apple.com/en-us/HT214058
https://support.apple.com/en-us/HT214059
https://support.apple.com/en-us/HT214061
https://support.apple.com/en-us/HT214063

History

Thu, 12 Dec 2024 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple ipados
CPEs	cpe:2.3:o:apple:ipad_os::::::::	cpe:2.3:o:apple:ipados::::::::
Vendors & Products	Apple ipad Os	Apple ipados

Tue, 10 Dec 2024 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple ipad Os Apple iphone Os Apple macos Apple tvos
CPEs		cpe:2.3:o:apple:ipad_os:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:macos:::::::: cpe:2.3:o:apple:tvos::::::::
Vendors & Products		Apple Apple ipad Os Apple iphone Os Apple macos Apple tvos
Metrics	cvssV3_1 `{'score': 5.8, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L'}`	cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-04-24T16:43:44.979Z

Updated: 2024-08-02T00:41:55.246Z

Reserved: 2024-02-26T15:32:28.514Z

Link: CVE-2024-27791

Vulnrichment

Updated: 2024-08-02T00:41:55.246Z

NVD

Status : Analyzed

Published: 2024-04-24T17:15:47.177

Modified: 2024-12-12T14:33:00.640

Link: CVE-2024-27791

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-27791", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2024-02-26T15:32:28.514Z", "datePublished": "2024-04-24T16:43:44.979Z", "dateUpdated": "2024-08-02T00:41:55.246Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to corrupt coprocessor memory"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "13.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "17.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "16.7", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "17.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "14.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "12.7", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5 and iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3. An app may be able to corrupt coprocessor memory."}], "references": [{"url": "https://support.apple.com/en-us/HT214058"}, {"url": "https://support.apple.com/en-us/HT214059"}, {"url": "https://support.apple.com/en-us/HT214063"}, {"url": "https://support.apple.com/en-us/HT214055"}, {"url": "https://support.apple.com/en-us/HT214061"}, {"url": "https://support.apple.com/en-us/HT214057"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-04-24T16:43:44.979Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "affected": [{"vendor": "apple", "product": "tvos", "cpes": ["cpe:2.3:o:apple:tvos:17.3:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "17.3", "versionType": "semver"}]}, {"vendor": "apple", "product": "iphone_os", "cpes": ["cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "apple", "product": "ipad_os", "cpes": ["cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "apple", "product": "iphone_os", "cpes": ["cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "apple", "product": "ipad_os", "cpes": ["cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "apple", "product": "macos", "cpes": ["cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:13.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "12.0", "status": "affected", "lessThan": "12.7.3", "versionType": "custom"}, {"version": "13.0", "status": "affected", "lessThan": "13.6.4", "versionType": "custom"}, {"version": "14.0", "status": "affected", "lessThan": "14.3", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-04-26T17:07:22.920160Z", "id": "CVE-2024-27791", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-30T14:31:36.409Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:41:55.246Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214058", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214059", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214063", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214055", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214061", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214057", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT214058", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214059", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214063", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214055", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214061", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT214057", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:41:55.246Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-27791", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-26T17:07:22.920160Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:apple:tvos:17.3:*:*:*:*:*:*:*"], "vendor": "apple", "product": "tvos", "versions": [{"status": "affected", "version": "0", "lessThan": "17.3", "versionType": "semver"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*"], "vendor": "apple", "product": "iphone_os", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:*"], "vendor": "apple", "product": "ipad_os", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*"], "vendor": "apple", "product": "iphone_os", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:*"], "vendor": "apple", "product": "ipad_os", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:13.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*"], "vendor": "apple", "product": "macos", "versions": [{"status": "affected", "version": "12.0", "lessThan": "12.7.3", "versionType": "custom"}, {"status": "affected", "version": "13.0", "lessThan": "13.6.4", "versionType": "custom"}, {"status": "affected", "version": "14.0", "lessThan": "14.3", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-26T17:06:44.887Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "13.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "17.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "16.7", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "17.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "14.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "12.7", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT214058"}, {"url": "https://support.apple.com/en-us/HT214059"}, {"url": "https://support.apple.com/en-us/HT214063"}, {"url": "https://support.apple.com/en-us/HT214055"}, {"url": "https://support.apple.com/en-us/HT214061"}, {"url": "https://support.apple.com/en-us/HT214057"}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5 and iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3. An app may be able to corrupt coprocessor memory."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to corrupt coprocessor memory"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-04-24T16:43:44.979Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27791", "state": "PUBLISHED", "dateUpdated": "2024-08-02T00:41:55.246Z", "dateReserved": "2024-02-26T15:32:28.514Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2024-04-24T16:43:44.979Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "52830EA8-817D-47D3-9A0E-2456C2D59301", "versionEndExcluding": "16.7.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "7DFDDBEC-015C-4AC6-A2B8-387839CEDCCE", "versionEndExcluding": "17.3", "versionStartIncluding": "17.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCC14DD1-6E3A-4326-AAD2-DEDF13584BBE", "versionEndExcluding": "16.7.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD699999-B0F0-41D0-AE33-E7E4AA3C0F90", "versionEndExcluding": "17.3", "versionStartIncluding": "17.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECD0F581-7DA4-428A-A1F5-C9A86DDD99D7", "versionEndExcluding": "12.7.3", "versionStartIncluding": "12.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3916CD8-E6D5-4786-903E-B86026859CE6", "versionEndExcluding": "13.6.4", "versionStartIncluding": "13.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "79ADFEBE-99EE-4F01-9AE8-489EB41885D1", "versionEndExcluding": "14.3", "versionStartIncluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "921307BF-8419-42C7-9B2C-8DD643723E38", "versionEndExcluding": "17.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5 and iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3. An app may be able to corrupt coprocessor memory."}, {"lang": "es", "value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en iOS 17.3 y iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5 y iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3. Es posible que una aplicaci\u00f3n pueda da\u00f1ar la memoria del coprocesador."}], "id": "CVE-2024-27791", "lastModified": "2024-12-12T14:33:00.640", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 4.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-24T17:15:47.177", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214055"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214057"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214058"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214059"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214061"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214063"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214057"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214058"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214059"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214061"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT214063"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}