Vulnerability Details CVE-2024-23258
An out-of-bounds read was addressed with improved input validation. This issue is fixed in visionOS 1.1, macOS Sonoma 14.4. Processing an image may lead to arbitrary code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.3%
CVSS Severity
CVSS v3 Score 7.8
References
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/26
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214087
- http://seclists.org/fulldisclosure/2024/Mar/21
- http://seclists.org/fulldisclosure/2024/Mar/26
- https://support.apple.com/en-us/HT214084
- https://support.apple.com/en-us/HT214087
Products affected by CVE-2024-23258
-
cpe:2.3:o:apple:macos:14.0
-
cpe:2.3:o:apple:macos:14.1
-
cpe:2.3:o:apple:macos:14.1.1
-
cpe:2.3:o:apple:macos:14.1.2
-
cpe:2.3:o:apple:macos:14.2
-
cpe:2.3:o:apple:macos:14.2.1
-
cpe:2.3:o:apple:macos:14.3
-
cpe:2.3:o:apple:visionos:-
-
cpe:2.3:o:apple:visionos:1.0.2