

CosmicSting Exploit Targets Adobe Commerce and Magento Stores – Active IOCs
October 3, 2024
Threat Actor Allegedly Hacks Social Media Accounts of Pakistan Telecom Firm
October 3, 2024
Severity
Medium
Analysis Summary
CVE-2024-40841 CVSS:7.8
Apple macOS Sonoma is vulnerable to a denial of service, caused by an out-of-bounds write issue in the AppleVA component. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-40784 CVSS:7.8
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may lead to unexpected app termination.
CVE-2024-40777 CVSS:3.3
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may lead to unexpected app termination.
Impact
- Denial of Service
- Gain Access
- Buffer Overflow
Indicators of Compromise
CVE
- CVE-2024-40841
- CVE-2024-40784
- CVE-2024-40777
Affected Vendors
- Apple
Affected Products
- Apple macOS Sonoma - 14.6
- Apple macOS 13.6.8
- Apple tvOS 17.6
- Apple iOS 16.7.9
- Apple iOS 17.6
Remediation
Refer to the Apple security document for patch, upgrade, or suggested workaround information.