Multiple vulnerabilities in Apple watchOS
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 16 |
| CVE-ID | CVE-2024-44171 CVE-2024-40850 CVE-2024-27880 CVE-2024-44176 CVE-2024-44169 CVE-2024-44191 CVE-2024-44198 CVE-2024-44183 CVE-2024-44170 CVE-2024-40857 CVE-2024-44187 CVE-2024-44155 CVE-2024-44144 CVE-2024-54560 CVE-2024-54467 CVE-2024-44192 |
| CWE-ID | CWE-254 CWE-264 CWE-20 CWE-125 CWE-119 CWE-284 CWE-190 CWE-388 CWE-200 CWE-79 CWE-693 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
watchOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 16 vulnerabilities.
1) Security features bypass
EUVDB-ID: #VU97365
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44171
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to a state management error in the accessibility feature. An attacker with physical access to device can control nearby devices.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3 External linkshttps://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU97339
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40850
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists in Game Center due to improperly imposed security restrictions. A local application can gain unauthorized access to certain files on the system.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU97340
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27880
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in ImageIO. A remote attacker can trick the victim into opening a specially crafted image file and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU97341
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44176
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in ImageIO. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and crash the application.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU97344
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44169
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in IOSurfaceAccelerator. A local application can trigger memory corruption and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper access control
EUVDB-ID: #VU97366
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44191
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to Bluetooth.
The vulnerability exists due to improper access restrictions in kernel. A local application can gain unauthorized access to Bluetooth.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Integer overflow
EUVDB-ID: #VU97385
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-44198
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in libxml2. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper error handling
EUVDB-ID: #VU97348
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44183
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an logic issue in mDNSResponder when handling errors. A local application can perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Information disclosure
EUVDB-ID: #VU97391
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44170
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the way Siri stores sensitive information. A local application can access user-sensitive data.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Universal cross-site scripting
EUVDB-ID: #VU97351
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-40857
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Protection Mechanism Failure
EUVDB-ID: #VU97350
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44187
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an error when handling "iframe" elements in WebKit. A remote attacker can exfiltrate data cross-origin.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Input validation error
EUVDB-ID: #VU99424
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-44155
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to improper validation of custom URL scheme in Safari. A remote attacker can trick the victim into visiting a specially crafted website and violate iframe sandboxing policy.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Buffer overflow
EUVDB-ID: #VU99404
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44144
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing files in SceneKit. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and crash the application.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU105364
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-54560
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to improper privilege management in LaunchServices. A local application can modify other apps without having App Management permission.
MitigationInstall update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Information disclosure
EUVDB-ID: #VU105258
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-54467
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a state management issue in WebKit. A remote attacker can trick the victim into visiting a specially crafted webpage and exfiltrate data cross-origin.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Input validation error
EUVDB-ID: #VU105259
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44192
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in WebKit. A remote attacker can trick the victim into visiting a specially crafted webpage and crash the browser.
Install update from vendor's website.
Vulnerable software versionswatchOS: 10.0 - 10.6.1
CPE2.3https://support.apple.com/en-us/121240
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
