CVE-2024-44167
Description
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. An app may be able to overwrite arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An app may be able to overwrite arbitrary files on Apple devices; fixed in iOS 18, iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, and visionOS 2.
Root Cause
CVE-2024-44167 is a vulnerability in Apple operating systems that allows an app to overwrite arbitrary files. The issue was addressed by removing the vulnerable code entirely, rather than by patching a specific logic flaw [1].
Exploitation
The vulnerability is triggered by a malicious application installed on the device. No special privileges beyond app installation appear to be required, as the bug exists in the underlying file-system permissions or sandbox logic that should normally prevent apps from writing outside their container. The attack surface is thus any device running an unpatched version of iOS, iPadOS, macOS, or visionOS [1][2][4].
Impact
An attacker who successfully exploits this vulnerability can overwrite arbitrary files on the device, potentially leading to data corruption, denial of service, or elevation of privilege by replacing system files or application code [1]. The impact is rated medium (CVSS 5.5), reflecting the need for an app to be installed on the target system.
Mitigation
Apple released fixes in iOS 18, iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, and visionOS 2 on September 16, 2024 [1][2][3][4]. Users are advised to update to these or later versions. No workarounds are documented.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 4
Patches: 0
No patches discovered yet.
References (10)
- support.apple.com/en-us/121234 (nvd, Vendor Advisory)
- support.apple.com/en-us/121238 (nvd, Vendor Advisory)
- support.apple.com/en-us/121247 (nvd, Vendor Advisory)
- support.apple.com/en-us/121249 (nvd, Vendor Advisory)
- support.apple.com/en-us/121250 (nvd, Vendor Advisory)
- seclists.org/fulldisclosure/2024/Sep/32 (nvd)
- seclists.org/fulldisclosure/2024/Sep/33 (nvd)
- seclists.org/fulldisclosure/2024/Sep/36 (nvd)
- seclists.org/fulldisclosure/2024/Sep/40 (nvd)
- seclists.org/fulldisclosure/2024/Sep/41 (nvd)