AI description
CVE-2024-23225 is a memory corruption vulnerability found within the kernel of multiple Apple operating systems, including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. This flaw, stemming from insufficient validation, could allow an attacker with arbitrary kernel read and write capabilities to bypass existing kernel memory protections. Apple has acknowledged reports indicating that this issue may have been actively exploited in the wild, leading to its inclusion in CISA's Known Exploited Vulnerabilities Catalog. The vulnerability has been addressed through improved validation in updates such as iOS 16.7.6, iPadOS 16.7.6, iOS 17.4, and iPadOS 17.4, among others.
- Description
- A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
- Source
- product-security@apple.com
- NVD status
- Analyzed
- Products
- ipados, iphone_os, macos, tvos, visionos, watchos
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Apple Multiple Products Memory Corruption Vulnerability
- Exploit added on
- Mar 6, 2024
- Exploit action due
- Mar 27, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
- Hype score
- Not currently trending
CVE-2024-23225: Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.
@lyrie_ai
4 May 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
NVDでApple関連CVE 200件のメタデータ一斉更新。WebKit型混乱(CVE-2024-23222)やカーネルメモリ破壊(CVE-2024-23225/23296)など悪用確認済み3件含む。古いiOS/macOSを使い続けている場合は改めて確認を。 #セキュリティ #C
@aisolostudio
3 Apr 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2023-20198 2 - CVE-2023-50428 3 - CVE-2026-0757 4 - CVE-2024-23225 5 - CVE-2026-20700 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
7 Mar 2026
158 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
PPL bypass CVEs confirmed vulnerable on 16.5+ & 17.x. CVE-2024-23225: iOS 17.0–17.3, CVE-2024-23296: 17.1–17.4 These CVEs Could Unlock iOS 17 Jailbreak tons on iOS 16 also has plenty.
@Hermes_tooll
7 Mar 2026
8881 Impressions
7 Retweets
101 Likes
17 Bookmarks
7 Replies
1 Quote
➕ Apple’dan Kritik Güvenlik Açıkları İçin Acil Güncelleme ▪️ Apple, CVE-2024-23225 ve CVE-2024-23296 sıfırıncı gün açıklarını gidermek için iOS ve iPadOS güncellemeleri yayımladı. Bu açıklar, saldırganlara çekirdek belleği koruma önlemlerini aşma imkanı sağlıyordu. iPhone XS ve…
@fokusplusnet
20 Nov 2024
462 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9277B3E8-4519-4E07-A89A-A08C604AB78C",
"versionEndExcluding": "16.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB78D53-5EC0-45E5-871B-0C18F1E6D438",
"versionEndExcluding": "17.4",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF8B925-3DE5-4CC8-A4C3-95D8F107D607",
"versionEndExcluding": "16.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FE8515-300C-4B6F-92A0-7D1E6D93F907",
"versionEndExcluding": "17.4",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A61173BD-535F-46FC-B40F-DA78B168E420",
"versionEndExcluding": "12.7.4",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69C4F06A-061F-46B3-8BB7-5C9B47C00956",
"versionEndExcluding": "13.6.5",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73160D1F-755B-46D2-969F-DF8E43BB1099",
"versionEndExcluding": "14.4",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6BA6CB-001B-4440-A9AE-473F5722F8E0",
"versionEndExcluding": "17.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7F6CDA-FEC0-45D7-ACBE-8B5AD35F1AB5",
"versionEndExcluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5547F484-4E4B-4961-BAF8-F891D50BB4B6",
"versionEndExcluding": "10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]