Multiple vulnerabilities in Apple iOS 17 and iPadOS 17
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 16 |
| CVE-ID | CVE-2024-44183 CVE-2024-44184 CVE-2024-44164 CVE-2024-40844 CVE-2024-44158 CVE-2024-40791 CVE-2024-44165 CVE-2024-44169 CVE-2024-44176 CVE-2024-27880 CVE-2024-40850 CVE-2024-27876 CVE-2024-44171 CVE-2024-44191 CVE-2024-44127 CVE-2024-27879 |
| CWE-ID | CWE-388 CWE-264 CWE-200 CWE-377 CWE-532 CWE-119 CWE-125 CWE-20 CWE-362 CWE-254 CWE-284 CWE-287 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
iPadOS Operating systems & Components / Operating system Apple iOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 16 vulnerabilities.
1) Improper error handling
EUVDB-ID: #VU97348
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44183
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an logic issue in mDNSResponder when handling errors. A local application can perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU97363
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44184
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improperly imposed security restrictions in Transparency. A local application can gain access to sensitive user information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU97330
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44164
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by AppleMobileFileIntegrity. A local application can bypass Privacy preferences.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Insecure Temporary File
EUVDB-ID: #VU97359
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-40844
CWE-ID:
CWE-377 - Insecure Temporary File
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to insecure permissions set on temporary files by Shortcuts. A local application can observe data displayed to the user by Shortcuts.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU97358
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44158
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to Shortcuts may disclose sensitive information to a third-party without the user's consent. A remote attacker gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU97346
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-40791
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the Mail Accounts app stores sensitive information into log files. A local user can read the log files and gain access to sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Information disclosure
EUVDB-ID: #VU97345
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44165
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way the macOS kernel handles DHCP packets with an active VPN tunnel. A remote attacker can perform TunnelVision attack and gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU97344
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44169
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in IOSurfaceAccelerator. A local application can trigger memory corruption and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds read
EUVDB-ID: #VU97341
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44176
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in ImageIO. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and crash the application.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU97340
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27880
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in ImageIO. A remote attacker can trick the victim into opening a specially crafted image file and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU97339
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-40850
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists in Game Center due to improperly imposed security restrictions. A local application can gain unauthorized access to certain files on the system.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Race condition
EUVDB-ID: #VU97337
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27876
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a race condition within the Compression component. A remote attacker can trick the victim into unpacking a specially crafted file and execute arbitrary code on the system.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Security features bypass
EUVDB-ID: #VU97365
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44171
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to a state management error in the accessibility feature. An attacker with physical access to device can control nearby devices.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper access control
EUVDB-ID: #VU97366
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44191
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to Bluetooth.
The vulnerability exists due to improper access restrictions in kernel. A local application can gain unauthorized access to Bluetooth.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper Authentication
EUVDB-ID: #VU97367
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44127
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to missing authentication. An attacker with physical access to device can access Safari private browsing without authentication.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Buffer overflow
EUVDB-ID: #VU97368
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27879
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in UIKit. A remote attacker can perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 17.0 - 17.6.1 21G93
Apple iOS: 17.0 21A326 - 17.6.1 21G101
External linkshttp://support.apple.com/en-us/121246
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
