Severity
High
Analysis Summary
CVE-2024-44307 CVSS:7.8
Apple macOS Sonoma is vulnerable to buffer overflow, caused by improper bounds checking. By using a specially crafted application, a local attacker could overflow a buffer and execute arbitrary code on the system with kernel privileges.
CVE-2024-44308 CVSS:8.8
Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JavaScriptCore component. By persuading a victim to open specially crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-44306 CVSS:7.8
Apple macOS Sonoma is vulnerable to buffer overflow, caused by improper bounds checking. By using a specially crafted application, a local attacker could overflow a buffer and execute arbitrary code on the system with kernel privileges.
Impact
- Buffer Overflow
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-44307
- CVE-2024-44308
- CVE-2024-44306
Affected Vendors
Affected Products
- Apple Safari 18.1.0
- Apple visionOS 2.1.0
- Apple macOS Sequoia 15.1.0
- Apple iOS 17.7.1
- Apple macOS Sonoma 14.5
Remediation
Refer to Apple Security Document for patch, upgrade, or suggested workaround information.