Severity
Medium
Analysis Summary
CVE-2023-42867 CVSS:6.4
This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges.
CVE-2024-44195 CVSS:7.5
A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to read arbitrary files.
CVE-2024-44200 CVSS:5.5
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to read sensitive location information.
CVE-2024-44201 CVSS:5.5
The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS Ventura 13.7.2, iOS 18.1 and iPadOS 18.1, macOS Sonoma 14.7.2. Processing a maliciously crafted file may lead to a denial-of-service.
CVE-2024-44211 CVSS:7.5
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.
CVE-2024-44212 CVSS:5.3
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin.
CVE-2024-44220 CVSS:6.5
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination.
CVE-2024-44223 CVSS:5.2
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to a Mac may be able to view protected content from the Login Window.
CVE-2024-44224 CVSS:7.8
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A malicious app may be able to gain root privileges.
CVE-2024-44225 CVSS:7.8
A logic issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to gain elevated privileges.
CVE-2024-44231 CVSS:7.5
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. A person with physical access to a Mac may be able to bypass Login Window during a software update.
CVE-2024-44241 CVSS:9.8
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.
Impact
- Denial of Service
- Gain Access
- Code Execution
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2023-42867
- CVE-2024-44195
- CVE-2024-44200
- CVE-2024-44201
- CVE-2024-44211
- CVE-2024-44212
- CVE-2024-44220
- CVE-2024-44223
- CVE-2024-44224
- CVE-2024-44225
- CVE-2024-44231
- CVE-2024-44241
Affected Vendors
- Apple
Affected Products
- Apple tvOS 18.1
- Apple watchOS 11.1
- Apple visionOS 2.1
- Apple GarageBand 10.4.9
- Apple macOS Sequoia 15.1
- Apple iOS 18.1 and iPadOS 18.1
- Apple iPadOS 17.7.3
- Apple macOS Ventura 13.7.2
- Apple macOS Sonoma 14.7.2
- Apple Safari 18.1
- Apple watchOS 11.2
- Apple tvOS 18.2
- Apple macOS Sequoia 15.2
- Apple iOS 18.2 and iPadOS 18.2
Remediation
Refer to the Apple Security Document for patch, upgrade, or suggested workaround information.