CVE-2024-23264

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An application may be able to read restricted memory.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://seclists.org/fulldisclosure/2024/Mar/21	Mailing List
http://seclists.org/fulldisclosure/2024/Mar/22	Mailing List
http://seclists.org/fulldisclosure/2024/Mar/23	Mailing List
http://seclists.org/fulldisclosure/2024/Mar/25	Mailing List
http://seclists.org/fulldisclosure/2024/Mar/26	Mailing List
https://support.apple.com/en-us/HT214081	Vendor Advisory
https://support.apple.com/en-us/HT214082	Vendor Advisory
https://support.apple.com/en-us/HT214083	Vendor Advisory
https://support.apple.com/en-us/HT214084	Vendor Advisory
https://support.apple.com/en-us/HT214085	Vendor Advisory
https://support.apple.com/en-us/HT214086	Vendor Advisory
https://support.apple.com/en-us/HT214087	Vendor Advisory
http://seclists.org/fulldisclosure/2024/Mar/21	Mailing List
http://seclists.org/fulldisclosure/2024/Mar/22	Mailing List
http://seclists.org/fulldisclosure/2024/Mar/23	Mailing List
http://seclists.org/fulldisclosure/2024/Mar/25	Mailing List
http://seclists.org/fulldisclosure/2024/Mar/26	Mailing List
https://support.apple.com/en-us/HT214081	Vendor Advisory
https://support.apple.com/en-us/HT214082	Vendor Advisory
https://support.apple.com/en-us/HT214083	Vendor Advisory
https://support.apple.com/en-us/HT214084	Vendor Advisory
https://support.apple.com/en-us/HT214085	Vendor Advisory
https://support.apple.com/en-us/HT214086	Vendor Advisory
https://support.apple.com/en-us/HT214087	Vendor Advisory
https://support.apple.com/kb/HT214081
https://support.apple.com/kb/HT214082
https://support.apple.com/kb/HT214083
https://support.apple.com/kb/HT214084
https://support.apple.com/kb/HT214085
https://support.apple.com/kb/HT214087

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::

History

04 Nov 2025, 19:16

Type	Values Removed	Values Added
References		() https://support.apple.com/kb/HT214081 - () https://support.apple.com/kb/HT214082 - () https://support.apple.com/kb/HT214083 - () https://support.apple.com/kb/HT214084 - () https://support.apple.com/kb/HT214085 - () https://support.apple.com/kb/HT214087 -

09 Dec 2024, 14:54

Information

Published : 2024-03-08 02:15

Updated : 2025-11-04 19:16

NVD link : CVE-2024-23264

Mitre link : CVE-2024-23264

CVE.ORG link : CVE-2024-23264

JSON object : View

Products Affected

apple

visionos
iphone_os
tvos
macos
ipados

CWE

NVD-CWE-noinfo CWE-125

Out-of-bounds Read

5.5 /10