CVE-2024-23296
Published Mar 5, 2024
Last updated 21 days ago
- Description
- A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.7, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
- Source
- product-security@apple.com
- NVD status
- Analyzed
- Products
- ipados, iphone_os, macos, tvos, visionos, watchos
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Apple Multiple Products Memory Corruption Vulnerability
- Exploit added on
- Mar 6, 2024
- Exploit action due
- Mar 27, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
- Hype score
- Not currently trending
PPL bypass CVEs confirmed vulnerable on 16.5+ & 17.x. CVE-2024-23225: iOS 17.0–17.3, CVE-2024-23296: 17.1–17.4 These CVEs Could Unlock iOS 17 Jailbreak tons on iOS 16 also has plenty.
@Hermes_tooll
7 Mar 2026
8881 Impressions
7 Retweets
101 Likes
17 Bookmarks
7 Replies
1 Quote
➕ Apple’dan Kritik Güvenlik Açıkları İçin Acil Güncelleme ▪️ Apple, CVE-2024-23225 ve CVE-2024-23296 sıfırıncı gün açıklarını gidermek için iOS ve iPadOS güncellemeleri yayımladı. Bu açıklar, saldırganlara çekirdek belleği koruma önlemlerini aşma imkanı sağlıyordu. iPhone XS ve…
@fokusplusnet
20 Nov 2024
462 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Entonces teóricamente ahora con el nuevo bypass de PAC usando CVE-2024-40815, el bypass de SPTM con cve-2024-23296 y la vulnerabilidad de kernel CVE-2024-23208 que ya tiene un POC ya debería ser posible hacer un JB en iOS 17.0-17.2.1 🤔
@DanielSu121
2 Nov 2024
7285 Impressions
3 Retweets
26 Likes
10 Bookmarks
3 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732206AE-D798-41FB-8D91-F796820F912D",
"versionEndExcluding": "16.7.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB78D53-5EC0-45E5-871B-0C18F1E6D438",
"versionEndExcluding": "17.4",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDF6AF0-A238-47E5-9A9D-F6FDB832DD8C",
"versionEndExcluding": "16.7.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FE8515-300C-4B6F-92A0-7D1E6D93F907",
"versionEndExcluding": "17.4",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA924D87-8FAE-4E34-83F7-A5E25C7450E5",
"versionEndExcluding": "12.7.6",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D797210-B0F0-44AE-9028-47C18C22AFA5",
"versionEndExcluding": "13.6.7",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73160D1F-755B-46D2-969F-DF8E43BB1099",
"versionEndExcluding": "14.4",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6BA6CB-001B-4440-A9AE-473F5722F8E0",
"versionEndExcluding": "17.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7F6CDA-FEC0-45D7-ACBE-8B5AD35F1AB5",
"versionEndExcluding": "1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5547F484-4E4B-4961-BAF8-F891D50BB4B6",
"versionEndExcluding": "10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]