AI description
CVE-2024-27876 is a race condition vulnerability that affects multiple Apple operating systems. It resides in the Archive Handler component of visionOS, but also impacts macOS Ventura, iOS, iPadOS, macOS Sonoma, and macOS Sequoia. The vulnerability occurs when unpacking a maliciously crafted archive, potentially allowing an attacker to write arbitrary files. This issue was resolved through improved locking mechanisms in the patched versions of the operating systems.
- Description: A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.
- Source: product-security@apple.com
- NVD status: Analyzed
- Products: ipados, iphone_os, macos, visionos
CVSS 3.1
- Type: Primary
- Base score: 5.5
- Impact score: 3.6
- Exploitability score: 1.8
- Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
- Severity: MEDIUM
- Hype score: Not currently trending
writeup for CVE-2024-27876, a fun libAppleArchive bug I discovered back in April last year! I've also supplied an exploit maker for making a malformed aar to write to an arbitrary file. https://t.co/wKCPpYqKex Exploit to escape the app sandbox: 1. Drop the exploit.aar from a
@minacrissDev_
23 May 2025
2451 Impressions
7 Retweets
36 Likes
11 Bookmarks
0 Replies
0 Quotes
current status with CVE-2024-27876. potential on-device arb. write bug for iOS 15-17.6.1 (patched in 17.7). think "sparserestore without the backup". huge thx to @0xilis for finding the vuln and helping me figure out a lot of this. details subject to change.
@minacrissDev_
14 May 2025
286 Impressions
3 Retweets
6 Likes
2 Bookmarks
1 Reply
0 Quotes
🧵 Here's the state of jailbreaking on iOS as of April 2025. [Thread] The situation is more complicated than ever for those of you running newer devices. While there are various vulnerabilities currently available, and some of them (i.e., CVE-2024-27876) might even b
@FCE365
29 Apr 2025
12013 Impressions
9 Retweets
90 Likes
25 Bookmarks
7 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-43859 2 - CVE-2025-31324 3 - CVE-2024-27876 4 - CVE-2025-32432 5 - CVE-2025-29306 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
27 Apr 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper By CVE-2024-27876 Severity: 🔴 High Maturity: 🧨 Trending Learn more: https://t.co/nME0jauXjk #CyberSecurity #ThreatIntel #InfoSec (1/3)
@fletch_ai
27 Apr 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
current status with CVE-2024-27876. potential on-device arb. write bug for iOS 15-17.6.1 (patched in 17.7). think "sparserestore without the backup". huge thx to @0xilis for finding the vuln and helping me figure out a lot of this. details subject to change. https://t.co/BVH9i9PJ
@skadz108
26 Apr 2025
3377 Impressions
10 Retweets
54 Likes
13 Bookmarks
2 Replies
0 Quotes
Fun fact: CVE-2024-27876 may have been the entire reason I added the -raw_aar flag to shortcut-sign for people to sign .aars to be opened in the Shortcuts application lol Well, not entire reason, but it was a big part of it
@0xilis
26 Apr 2025
3343 Impressions
6 Retweets
42 Likes
2 Bookmarks
2 Replies
0 Quotes
Wasn't expecting much attention on CVE-2024-27876, but thankfully I was wrong :D For some reason seems like a lot of the people are jailbreakers, for you uh, here's a tweak to patch it if you want https://t.co/Td8FCiuRXi
@minacrissDev_
25 Apr 2025
285 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Wasn't expecting much attention on CVE-2024-27876, but thankfully I was wrong :D For some reason seems like a lot of the people are jailbreakers, for you uh, here's a tweak to patch it if you want https://t.co/fymsQLIQzg
@0xilis
25 Apr 2025
3511 Impressions
12 Retweets
58 Likes
12 Bookmarks
1 Reply
0 Quotes
https://t.co/sTMPPqezFJ I'm excited to announce a writeup for CVE-2024-27876, a fun libAppleArchive bug I discovered back in April last year! I've also supplied an exploit maker for making a malformed aar to write to an arbitrary file.
@0xilis
23 Apr 2025
39086 Impressions
31 Retweets
171 Likes
56 Bookmarks
4 Replies
9 Quotes
🔴 #macOS, #iOS, iPadOS Vulnerability: Race Condition in Archive Unpacking (#CVE-2024-27876 - Critical) https://t.co/nCTvRvzYIY
@dailycve
12 Dec 2024
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "064488F4-456F-4C5D-B325-4F1FCDF2D432",
            "versionEndExcluding": "17.7"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8542FD9-368A-4A38-965E-47AE279208F1",
            "versionEndExcluding": "17.7"
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74C58F2C-DE4F-45E9-A5C0-CDF8B666EB4E",
            "versionEndExcluding": "13.7",
            "versionStartIncluding": "13.0"
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06F1EED8-2BB5-4768-908B-83AF76DE7B5F",
            "versionEndExcluding": "14.7",
            "versionStartIncluding": "14.0"
          },
          {
            "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6AE7B0F-C356-4601-9636-617CDD09F009",
            "versionEndExcluding": "2.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]