CVE-2024-40771
Published: 15 January 2025
Description
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.
Security Summary
CVE-2024-40771 is a memory handling vulnerability affecting the kernel in multiple Apple operating systems: iOS and iPadOS prior to versions 16.7.8 and 17.5, macOS Monterey prior to 12.7.5, macOS Sonoma prior to 14.5, macOS Ventura prior to 13.6.7, tvOS prior to 17.5, visionOS prior to 1.2, and watchOS prior to 10.5. The issue allows an app to execute arbitrary code with kernel privileges. It is associated with CWE-863 (Incorrect Authorization), although a detailed CWE mapping is unavailable from NVD.
Exploitation requires local access (AV:L) with low privileges (PR:L), such as a malicious app installed and executed by a user. Attack complexity is low (AC:L) and no user interaction is required (UI:N). A successful attack has high impact on confidentiality, integrity, and availability (C:H/I:H/A:H) with unchanged scope (S:U), giving a CVSS v3.1 base score of 7.8. This enables full kernel compromise from a local app context.
Apple's security advisories, detailed at support.apple.com/en-us/120898 through 120902, state that the vulnerability was addressed with improved memory handling in the listed patched versions. Security practitioners should prioritize updating affected devices to these releases.
Details
- CWE(s)