VYPR
← All advisories
High severity7.5NVD Advisory· Published Mar 21, 2025· Updated Apr 2, 2026

CVE-2024-54551

CVE-2024-54551

Description

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing web content may lead to a denial-of-service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Processing malicious web content in Apple systems may cause a denial-of-service via a memory handling flaw, fixed in July 2024 updates.

Vulnerability

Overview CVE-2024-54551 is a denial-of-service vulnerability in Apple's WebKit or related content processing engine. The root cause is a memory handling flaw that can be triggered when processing crafted web content, leading to an unexpected system termination or hang [1].

Exploitation

Details The attack surface is the browser or any application that renders web content using Apple's frameworks, such as Safari, Mail, or third-party apps using WKWebView. An attacker can exploit this by hosting a malicious webpage or injecting content into a legitimate page. No user interaction beyond visiting the page is required, and no special privileges are needed [1][2].

Impact

Successful exploitation results in a denial-of-service condition. The system or application may crash or become unresponsive, disrupting user activity. Apple rates this vulnerability as High severity with a CVSS v3 base score of 7.5, reflecting the low complexity and network-based attack vector [1].

Mitigation

Apple addressed the issue with improved memory handling in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, and watchOS 10.6, all released on July 29, 2024 [1][2][3][4]. Users should update their devices to the latest available versions to protect against potential exploitation. There is no evidence that this vulnerability was exploited in the wild before the patch.

References
  1. About the security content of macOS Sonoma 14.6 - Apple Support
  2. About the security content of iOS 17.6 and iPadOS 17.6 - Apple Support
  3. About the security content of watchOS 10.6 - Apple Support
  4. About the security content of visionOS 1.3 - Apple Support

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

51

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.