logo
Home/CVEs/CVE-2024-23225/

CVE-2024-23225 - Apple Multiple Products Memory Corruption Vulnerability

Project:Apple

Product:Multiple Products

Date Added:2024-03-06Due Date:2024-03-27

Vulnerability Name

Apple Multiple Products Memory Corruption Vulnerability

Description

Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085, https://support.apple.com/en-us/HT214086, https://support.apple.com/en-us/HT214087, https://support.apple.com/en-us/HT214088

https://nvd.nist.gov/vuln/detail/CVE-2024-23225

Related News Articles

Apple backports fix for zero-day exploited in attacks to older iPhonesMay 14, 2024