cve-2024-27834
Vulnerability from cvelistv5
Published
2024-05-13 23:00
Modified
2024-08-02 00:41
Severity
Summary
The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ipad_os", "vendor": "apple", "versions": [ { "lessThan": "17.5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "macos", "vendor": "apple", "versions": [ { "lessThan": "14.5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:apple:tvos:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "tvos", "vendor": "apple", "versions": [ { "lessThan": "17.5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "watchos", "vendor": "apple", "versions": [ { "lessThan": "10.5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "iphone_os", "vendor": "apple", "versions": [ { "lessThan": "17.5", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-27834", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-16T04:00:11.988391Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-277", "description": "CWE-277 Insecure Inherited Permissions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T15:23:00.293Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:41:55.789Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://support.apple.com/en-us/HT214101" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/en-us/HT214106" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/en-us/HT214104" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/en-us/HT214103" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/en-us/HT214102" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/May/17" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/05/21/1" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/May/10" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/May/9" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/May/12" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/May/16" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "iOS and iPadOS", "vendor": "Apple", "versions": [ { "lessThan": "17.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "macOS", "vendor": "Apple", "versions": [ { "lessThan": "14.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "watchOS", "vendor": "Apple", "versions": [ { "lessThan": "10.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Safari", "vendor": "Apple", "versions": [ { "lessThan": "17.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "tvOS", "vendor": "Apple", "versions": [ { "lessThan": "17.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication." } ], "problemTypes": [ { "descriptions": [ { "description": "An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T23:00:50.836Z", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "url": "https://support.apple.com/en-us/HT214101" }, { "url": "https://support.apple.com/en-us/HT214106" }, { "url": "https://support.apple.com/en-us/HT214104" }, { "url": "https://support.apple.com/en-us/HT214103" }, { "url": "https://support.apple.com/en-us/HT214102" }, { "url": "http://seclists.org/fulldisclosure/2024/May/17" }, { "url": "http://www.openwall.com/lists/oss-security/2024/05/21/1" }, { "url": "http://seclists.org/fulldisclosure/2024/May/10" }, { "url": "http://seclists.org/fulldisclosure/2024/May/9" }, { "url": "http://seclists.org/fulldisclosure/2024/May/12" }, { "url": "http://seclists.org/fulldisclosure/2024/May/16" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/" } ] } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2024-27834", "datePublished": "2024-05-13T23:00:50.836Z", "dateReserved": "2024-02-26T15:32:28.527Z", "dateUpdated": "2024-08-02T00:41:55.789Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-27834\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2024-05-14T15:13:06.953\",\"lastModified\":\"2024-07-03T01:51:06.170\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.\"},{\"lang\":\"es\",\"value\":\"El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en iOS 17.5 y iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. Un atacante con capacidad de lectura y escritura arbitraria puede eludir la autenticaci\u00f3n de puntero.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.4,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-277\"}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2024/May/10\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2024/May/12\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2024/May/16\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2024/May/17\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2024/May/9\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/05/21/1\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT214101\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT214102\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT214103\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT214104\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT214106\",\"source\":\"product-security@apple.com\"}]}}" } }
Loading...