SB2024012247 - Multiple vulnerabilities in Apple watchOS
Published: January 22, 2024 Updated: April 29, 2024
Description
This security bulletin contains information about 14 security vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2024-23212)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within Apple Neural Engine. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.
2) Information Exposure Through Timing Discrepancy (CVE-ID: CVE-2024-23218)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a timing side-channel issue in CoreCrypto. A remote attacker can decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.
3) Buffer overflow (CVE-ID: CVE-2024-23208)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.
4) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2024-23207)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists because the software stores sensitive information in log files in Mail Search. A local application can read the log files and gain access to sensitive data.
5) Input validation error (CVE-ID: CVE-2024-23223)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to insufficient validation of files in NSSpellChecker. A local application can gain access to sensitive user data.
6) Information disclosure (CVE-ID: CVE-2024-23211)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by Safari, which exposes the user's private browsing activity in Settings. A local user can gain unauthorized access to sensitive information.
7) Security features bypass (CVE-ID: CVE-2024-23204)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists in Shortcuts due to a missing prompt. A remote attacker can gain access to sensitive data with certain actions without prompting the user.
8) Insecure Temporary File (CVE-ID: CVE-2024-23217)
The vulnerability allows a local application to bypass certain Privacy preferences.
The vulnerability exists in Shortcuts due to insecure processing of temporary files. A local application can bypass certain Privacy preferences.
9) Insecure Temporary File (CVE-ID: CVE-2024-23215)
The vulnerability allows a local application to bypass certain security restrictions.
The vulnerability exists in TCC due to insecure processing of temporary files. A local application can gain access to sensitive user information.
10) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2024-23210)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists because the Time Zone application stores sensitive information in log files. A local application can read the system log files and gain access to a user's phone number.
11) Buffer overflow (CVE-ID: CVE-2024-23206)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
12) Buffer overflow (CVE-ID: CVE-2024-23213)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
13) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-23201)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improperly imposed security restrictions in libxpc. A local application can perform a denial of service (DoS) attack.
14) Security features bypass (CVE-ID: CVE-2024-23271)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to a logic error in WebKit, which can lead to unexpected cross-origin behavior. A remote attacker can trick the victim into visiting a specially crafted website and bypass implemented security restrictions.
Remediation
Install the update from the vendor's website.