Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution


Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Details of the vulnerabilities are as follows:

 

Tactic: Execution (TA0002):

Technique: Exploitation for Client Execution (T1203):

  • A remote attacker may cause an unexpected app termination or arbitrary code execution. (CVE-2024-45490)
  • An app may be able to execute arbitrary code with kernel privileges. (CVE-2024-54529)
  • Running a mount command may unexpectedly execute arbitrary code. (CVE-2024-54489)
  • An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware. (CVE-2024-54506)
  • An app may be able to elevate privileges. (CVE-2024-54465)

 

Additional lower severity vulnerabilities include:

 

  • On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website. (CVE-2024-44246)
  • Processing maliciously crafted web content may lead to an unexpected process crash. (CVE-2024-54479, CVE-2024-54502, CVE-2024-54508)
  • Processing maliciously crafted web content may lead to memory corruption. (CVE-2024-54505, CVE-2024-54534)
  • A malicious app may be able to access private information. (CVE-2024-54526)
  • An app may be able to access sensitive user data. (CVE-2024-54527, CVE-2024-54513)
  • Muting a call while ringing may not result in mute being enabled. (CVE-2024-54503)
  • Processing a maliciously crafted font may result in the disclosure of process memory. (CVE-2024-54486)
  • Processing a maliciously crafted image may result in disclosure of process memory. (CVE-2024-54500)
  • An attacker may be able to create a read-only memory mapping that can be written to. (CVE-2024-54494)
  • An app may be able to leak sensitive kernel state. (CVE-2024-54510)
  • An app may be able to cause unexpected system termination or corrupt kernel memory. (CVE-2024-44245)
  • An app may be able to break out of its sandbox. (CVE-2024-54514, CVE-2024-54498)
  • An app may be able to gain elevated privileges. (CVE-2024-44225)
  • An attacker in a privileged network position may be able to alter network traffic. (CVE-2024-54492)
  • Processing a maliciously crafted file may lead to a denial of service. (CVE-2024-54501)
  • An attacker with physical access to an iOS device may be able to view notification content from the lock screen. (CVE-2024-54485)
  • Processing a maliciously crafted file may lead to a denial of service. (CVE-2024-44201)
  • An attacker with physical access to an iPadOS device may be able to view notification content from the lock screen. (CVE-2024-54485)
  • An app may be able to access user-sensitive data. (CVE-2024-54477, CVE-2024-54484, CVE-2024-54504, CVE-2024-54474, CVE-2024-54476)
  • Parsing a maliciously crafted video file may lead to unexpected system termination. (CVE-2024-44220)
  • A local attacker may gain access to a user’s Keychain items. (CVE-2024-54490)
  • An app may be able to access protected user data. (CVE-2024-44300)
  • An encrypted volume may be accessed by a different user without prompting for the password. (CVE-2024-54466)
  • A malicious app may be able to gain root privileges. (CVE-2024-44291, CVE-2024-54515, CVE-2024-44224)
  • An app may be able to bypass kASLR. (CVE-2024-54531)
  • A malicious application may be able to determine a user’s current location. (CVE-2024-54491)
  • An app may be able to modify protected parts of the file system. (CVE-2023-32395, CVE-2024-44243, CVE-2024-54495)
  • An app may be able to overwrite arbitrary files. (CVE-2024-54528)
  • A malicious app may be able to access arbitrary files. (CVE-2024-54524)
  • Privacy indicators for microphone access may be attributed incorrectly. (CVE-2024-54493)
  • A user with screen sharing access may be able to view another user’s screen. (CVE-2024-44248)

 

Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.


