Lucene search

K

AttackerKBAKB:1B2D223E-C09D-4DDC-B465-EC5467D41596

HistoryJan 23, 2024 - 12:00 a.m.

CVE-2024-23222

2024-01-2300:00:00

attackerkb.com

13

cve-2024-23222

type confusion

apple platforms

arbitrary code execution

security fix

malicious web content

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.8%

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.

Recent assessments:

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

References

seclists.org/fulldisclosure/2024/Feb/6

seclists.org/fulldisclosure/2024/Jan/27

seclists.org/fulldisclosure/2024/Jan/33

seclists.org/fulldisclosure/2024/Jan/34

seclists.org/fulldisclosure/2024/Jan/36

seclists.org/fulldisclosure/2024/Jan/37

seclists.org/fulldisclosure/2024/Jan/38

seclists.org/fulldisclosure/2024/Jan/40

www.openwall.com/lists/oss-security/2024/02/05/8

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23222

lists.fedoraproject.org/archives/list/[email protected]/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/

lists.fedoraproject.org/archives/list/[email protected]/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/

support.apple.com/en-us/HT214055

support.apple.com/en-us/HT214056

support.apple.com/en-us/HT214057

support.apple.com/en-us/HT214058

support.apple.com/en-us/HT214059

support.apple.com/en-us/HT214061

support.apple.com/en-us/HT214063

support.apple.com/en-us/HT214070

support.apple.com/kb/HT214055

support.apple.com/kb/HT214056

support.apple.com/kb/HT214057

support.apple.com/kb/HT214058

support.apple.com/kb/HT214059

support.apple.com/kb/HT214061

support.apple.com/kb/HT214063

support.apple.com/kb/HT214070

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.8%

Related for AKB:1B2D223E-C09D-4DDC-B465-EC5467D41596

cisa_kev1 redhatcve1 openvas14 ubuntucve1 cve1 cvelist1 hivepro1 malwarebytes1 nvd1 nessus17 prion1 debiancve1 apple8 osv3 amazon1 talosblog2 debian1 thn3 ubuntu1 fedora2 redhat1 mageia1