CVE-2024-54658

Published Feb 10, 2025

Last updated 24 days ago

CVSS medium 6.5

Overview

Description: The issue was addressed with improved memory handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to a denial-of-service.
Source: product-security@apple.com
NVD status: Modified
Products: safari, ipados, iphone_os, macos, tvos, visionos, watchos

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-400

Hype score: Not currently trending

🚨 CVE-2024-54658 🟠 MEDIUM (6.5) 🏢 Apple - watchOS 🏗️ unspecified 🔗 https://t.co/zNk68uOMet 🔗 https://t.co/SQexspD0OQ 🔗 https://t.co/A3vnsxiILQ 🔗 https://t.co/tHWd12g4xY 🔗 https://t.co/dvta0WzHMi 🔗 https://t.co/YEE8nQrdDM #CyberCron #VulnAlert https://t.co/c4RC0b5M7u
@cybercronai
12 Feb 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "DC7753BA-5DF8-4F98-8DA8-69DA473F8307",
            "versionEndExcluding": "17.4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "CCCC6AF9-4EFA-4A45-888B-93C0C1327BC7",
            "versionEndExcluding": "17.4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "BCB4911E-7824-4C34-916D-88110CB415EB",
            "versionEndExcluding": "17.4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "58227FD1-0619-45F6-AD19-25831899376A",
            "versionEndExcluding": "14.4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "BB6BA6CB-001B-4440-A9AE-473F5722F8E0",
            "versionEndExcluding": "17.4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "EB7F6CDA-FEC0-45D7-ACBE-8B5AD35F1AB5",
            "versionEndExcluding": "1.1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "5547F484-4E4B-4961-BAF8-F891D50BB4B6",
            "versionEndExcluding": "10.4",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References