High severity7.8NVD Advisory· Published Jun 10, 2024· Updated Apr 2, 2026

CVE-2024-27815

Description

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.

Affected products

Apple Inc./Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Range: <17.5
Apple Inc./Iphone Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Range: <17.5
Apple Inc./macOS
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Range: >=14.0,<14.5
Apple Inc./tvOS
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
Range: <17.5
Apple Inc./Visionos
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Range: <1.2
Apple Inc./watchOS
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Range: <10.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2024/Jun/5nvdMailing ListThird Party Advisory
support.apple.com/en-us/HT214101nvdVendor Advisory
support.apple.com/en-us/HT214102nvdVendor Advisory
support.apple.com/en-us/HT214104nvdVendor Advisory
support.apple.com/en-us/HT214106nvdVendor Advisory
support.apple.com/en-us/HT214108nvdVendor Advisory
support.apple.com/kb/HT214101nvdVendor Advisory
support.apple.com/kb/HT214102nvdVendor Advisory
support.apple.com/kb/HT214104nvdVendor Advisory
support.apple.com/kb/HT214106nvdVendor Advisory
support.apple.com/kb/HT214108nvdVendor Advisory
support.apple.com/en-us/120901nvd
support.apple.com/en-us/120902nvd
support.apple.com/en-us/120903nvd
support.apple.com/en-us/120905nvd
support.apple.com/en-us/120906nvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.020
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000