Multiple vulnerabilities in Apple products could allow arbitrary code execution


Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow arbitrary code execution. Details of the vulnerabilities are as follows:

Tactical: Execution (TA0002):

Technical: Exploitation for client execution (T1203):

  • An application with root privileges may be able to execute arbitrary code with kernel privileges. (CVE-2024-27878)
  • An application may be able to overwrite arbitrary files. (CVE-2024-40827)
  • A remote attacker may be able to cause arbitrary code execution. (CVE-2024-6387)
  • An application may be able to execute arbitrary code with kernel privileges. (CVE-2024-27826)
    Additional lower severity vulnerabilities include:
  • Visiting a website that contains malicious content may result in user interface spoofing. (CVE-2024-40817)
  • Processing malicious web content may result in an unexpected process termination. (CVE-2024-40776, CVE-2024-40782, CVE-2024-40779, CVE-2024-40780, CVE-2024-40789, CVE-2024-40799)
  • Processing malicious web content may lead to a cross-site scripting attack. (CVE-2024-40785)
  • Private browsing tabs are accessible without authentication. (CVE-2024-40794)
  • An application may be able to bypass privacy preferences. (CVE-2024-40774, CVE-2024-40814)
  • Processing a malicious file may cause the application to terminate unexpectedly. (CVE-2024-40799, CVE-2024-40806, CVE-2024-40777, CVE-2024-40784, CVE-2024-27877)
  • Processing a malicious video file may cause the application to terminate unexpectedly. (CVE-2024-27873)
  • A malicious attacker with arbitrary read and write capabilities may be able to bypass pointer authentication. (CVE-2024-40815)
  • An application may be able to read sensitive location information. (CVE-2024-40795)
  • Processing an image may result in a denial of service. (CVE-2023-6277, CVE-2023-52356)
  • A local attacker may be able to determine the kernel memory layout. (CVE-2024-27863)
  • A local attacker may be able to cause an unexpected system shutdown. (CVE-2024-40788)
  • An application may be able to bypass privacy preferences. (CVE-2024-40805, CVE-2024-40824)
  • An attacker with physical access may be able to use Siri to access sensitive user data. (CVE-2024-40813)
  • Photos in the Hidden Photos album can be viewed without authentication. (CVE-2024-40778)
  • An application can access protected user data. (CVE-2024-27871, CVE-2024-40793, CVE-2024-27872)
  • A shortcut may be able to use sensitive data with certain actions without prompting the user for permission. (CVE-2024-40833, CVE-2024-40835, CVE-2024-40836, CVE-2024-40807)
  • A shortcut may allow bypassing Internet authorization requirements. (CVE-2024-40809, CVE-2024-40812, CVE-2024-40787)
  • An attacker may be able to access a user's sensitive information. (CVE-2024-40786)
  • An attacker with physical access may be able to use Siri to access sensitive user data. (CVE-2024-40818)
  • An attacker with physical access to a device may be able to access contacts from the lock screen. (CVE-2024-40822)
  • An attacker may be able to view restricted content from the lock screen. (CVE-2024-40829)
  • Private browsing may disclose part of browsing history. (CVE-2024-40796)
  • An application may be able to read Safari's browsing history. (CVE-2024-40798)
  • A malicious application can access private information. (CVE-2024-40804)
  • Multiple issues in Apache. (CVE-2023-38709, CVE-2024-24795, CVE-2024-27316)
  • A malicious application may be able to bypass privacy preferences. (CVE-2024-40783)
  • An application may be able to disclose sensitive user information. (CVE-2024-40775, CVE-2024-40823)
  • Multiple issues in curl. (CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466)
  • A malicious attacker with arbitrary read and write capabilities may be able to bypass pointer authentication. (CVE-2024-40815)
  • A local attacker may be able to cause an unexpected system shutdown. (CVE-2024-40816)
  • An attacker may be able to cause an application to exit unexpectedly. (CVE-2024-40803)
  • An application may be able to display a contact's phone number in system logs. (CVE-2024-40832)
  • A local attacker may be able to elevate privileges. (CVE-2024-40781, CVE-2024-40782)
  • An application may be able to modify protected portions of the file system. (CVE-2024-27882, CVE-2024-27883, CVE-2024-40800)
  • An application can bypass Gatekeeper controls. (CVE-2023-27952)
  • An application can access information about a user's contacts. (CVE-2024-27881)
  • Third-party application extensions may not receive the correct sandbox restrictions. (CVE-2024-40821)
  • Enabling lockdown mode when setting up a Mac may cause FileVault to be unexpectedly disabled. (CVE-2024-27862)
  • A shortcut may allow bypassing sensitive settings in the Shortcuts application. (CVE-2024-40834)
  • A malicious application can gain root privileges. (CVE-2024-40828)
  • An application may be able to modify protected parts of the file system. (CVE-2024-40811)
  • An attacker may be able to read information belonging to another user. (CVE-2024-23261)
  • An attacker with arbitrary read and write capabilities in the kernel may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. (CVE-2024-23296)
  • An application may be able to cause an unexpected system shutdown. (CVE-2024-27804)
  • An attacker in a privileged network position may be able to spoof network packets. (CVE-2024-27823)

Successful exploitation of the most severe of these vulnerabilities could allow arbitrary code execution in the context of the logged-on user. Depending on the user's privileges, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Related News

CISA publishes seven advice on industrial control systemsCISA publishes seven advice on industrial control systems

CISA publishes seven advice on industrial control systems

July 1, 2025
Several vulnerabilities in Citrix products could allow the disclosure of sensitive dataSeveral vulnerabilities in Citrix products could allow the disclosure of sensitive data

Several vulnerabilities in Citrix products could allow the disclosure of sensitive data

June 27, 2025

You may have missed

CISA publishes seven advice on industrial control systemsCISA publishes seven advice on industrial control systems

CISA publishes seven advice on industrial control systems

July 1, 2025
Several vulnerabilities in Citrix products could allow the disclosure of sensitive dataSeveral vulnerabilities in Citrix products could allow the disclosure of sensitive data

Several vulnerabilities in Citrix products could allow the disclosure of sensitive data

June 27, 2025
CISA publishes five advice from industrial control systemsCISA publishes five advice from industrial control systems

CISA publishes five advice from industrial control systems

June 17, 2025
Ransomware actors use unrefined surveillance and remote management to compromise the provider of public services billing softwareRansomware actors use unrefined surveillance and remote management to compromise the provider of public services billing software

Ransomware actors use unrefined surveillance and remote management to compromise the provider of public services billing software

June 12, 2025
Several vulnerabilities in Adobe products could allow an arbitrary code executionSeveral vulnerabilities in Adobe products could allow an arbitrary code execution

Several vulnerabilities in Adobe products could allow an arbitrary code execution

June 10, 2025
Cisa publishes four reviews of industrial control systemsCisa publishes four reviews of industrial control systems

Cisa publishes four reviews of industrial control systems

June 10, 2025