CVE-2024-23264

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-23264
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1. An application may be able to read restricted memory.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.apple.com/en-us/120880
https://support.apple.com/en-us/120882
https://support.apple.com/en-us/120883
https://support.apple.com/en-us/120884
https://support.apple.com/en-us/120886
https://support.apple.com/en-us/120893
https://support.apple.com/en-us/120895
http://seclists.org/fulldisclosure/2024/Mar/21 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/22 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/23 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/25 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/26 Mailing List
https://support.apple.com/en-us/HT214081 Vendor Advisory
https://support.apple.com/en-us/HT214082 Vendor Advisory
https://support.apple.com/en-us/HT214083 Vendor Advisory
https://support.apple.com/en-us/HT214084 Vendor Advisory
https://support.apple.com/en-us/HT214085 Vendor Advisory
https://support.apple.com/en-us/HT214086 Vendor Advisory
https://support.apple.com/en-us/HT214087 Vendor Advisory
https://support.apple.com/kb/HT214081
https://support.apple.com/kb/HT214082
https://support.apple.com/kb/HT214083
https://support.apple.com/kb/HT214084
https://support.apple.com/kb/HT214085
https://support.apple.com/kb/HT214087
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
History

02 Apr 2026, 19:17

Type Values Removed Values Added
Summary (en) A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An application may be able to read restricted memory. (en) A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1. An application may be able to read restricted memory.
References
  • () https://support.apple.com/en-us/120880 -
  • () https://support.apple.com/en-us/120882 -
  • () https://support.apple.com/en-us/120883 -
  • () https://support.apple.com/en-us/120884 -
  • () https://support.apple.com/en-us/120886 -
  • () https://support.apple.com/en-us/120893 -
  • () https://support.apple.com/en-us/120895 -

04 Nov 2025, 19:16

Type Values Removed Values Added
References
  • () https://support.apple.com/kb/HT214081 -
  • () https://support.apple.com/kb/HT214082 -
  • () https://support.apple.com/kb/HT214083 -
  • () https://support.apple.com/kb/HT214084 -
  • () https://support.apple.com/kb/HT214085 -
  • () https://support.apple.com/kb/HT214087 -

09 Dec 2024, 14:54

Type Values Removed Values Added
CWE NVD-CWE-noinfo
References () http://seclists.org/fulldisclosure/2024/Mar/21 - () http://seclists.org/fulldisclosure/2024/Mar/21 - Mailing List
References () http://seclists.org/fulldisclosure/2024/Mar/22 - () http://seclists.org/fulldisclosure/2024/Mar/22 - Mailing List
References () http://seclists.org/fulldisclosure/2024/Mar/23 - () http://seclists.org/fulldisclosure/2024/Mar/23 - Mailing List
References () http://seclists.org/fulldisclosure/2024/Mar/25 - () http://seclists.org/fulldisclosure/2024/Mar/25 - Mailing List
References () http://seclists.org/fulldisclosure/2024/Mar/26 - () http://seclists.org/fulldisclosure/2024/Mar/26 - Mailing List
References () https://support.apple.com/en-us/HT214081 - () https://support.apple.com/en-us/HT214081 - Vendor Advisory
References () https://support.apple.com/en-us/HT214082 - () https://support.apple.com/en-us/HT214082 - Vendor Advisory
References () https://support.apple.com/en-us/HT214083 - () https://support.apple.com/en-us/HT214083 - Vendor Advisory
References () https://support.apple.com/en-us/HT214084 - () https://support.apple.com/en-us/HT214084 - Vendor Advisory
References () https://support.apple.com/en-us/HT214085 - () https://support.apple.com/en-us/HT214085 - Vendor Advisory
References () https://support.apple.com/en-us/HT214086 - () https://support.apple.com/en-us/HT214086 - Vendor Advisory
References () https://support.apple.com/en-us/HT214087 - () https://support.apple.com/en-us/HT214087 - Vendor Advisory
CVSS v2 : unknown
v3 : 5.3 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
First Time Apple iphone Os
Apple visionos
Apple
Apple tvos
Apple macos
Apple ipados

21 Nov 2024, 20:15

Type Values Removed Values Added
CWE CWE-125
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.3
References () http://seclists.org/fulldisclosure/2024/Mar/21 - () http://seclists.org/fulldisclosure/2024/Mar/21 -
References () http://seclists.org/fulldisclosure/2024/Mar/22 - () http://seclists.org/fulldisclosure/2024/Mar/22 -
References () http://seclists.org/fulldisclosure/2024/Mar/23 - () http://seclists.org/fulldisclosure/2024/Mar/23 -
References () http://seclists.org/fulldisclosure/2024/Mar/25 - () http://seclists.org/fulldisclosure/2024/Mar/25 -
References () http://seclists.org/fulldisclosure/2024/Mar/26 - () http://seclists.org/fulldisclosure/2024/Mar/26 -
References () https://support.apple.com/en-us/HT214081 - () https://support.apple.com/en-us/HT214081 -
References () https://support.apple.com/en-us/HT214082 - () https://support.apple.com/en-us/HT214082 -
References () https://support.apple.com/en-us/HT214083 - () https://support.apple.com/en-us/HT214083 -
References () https://support.apple.com/en-us/HT214084 - () https://support.apple.com/en-us/HT214084 -
References () https://support.apple.com/en-us/HT214085 - () https://support.apple.com/en-us/HT214085 -
References () https://support.apple.com/en-us/HT214086 - () https://support.apple.com/en-us/HT214086 -
References () https://support.apple.com/en-us/HT214087 - () https://support.apple.com/en-us/HT214087 -

13 Mar 2024, 23:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Mar/26 -
  • () http://seclists.org/fulldisclosure/2024/Mar/22 -
  • () http://seclists.org/fulldisclosure/2024/Mar/25 -
  • () http://seclists.org/fulldisclosure/2024/Mar/23 -

13 Mar 2024, 21:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Mar/21 -

08 Mar 2024, 02:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-08 02:15

Updated : 2026-04-02 19:17

NVD link : CVE-2024-23264

Mitre link : CVE-2024-23264

CVE.ORG link : CVE-2024-23264

JSON object : View

Products Affected

apple

  • ipados
  • tvos
  • visionos
  • macos
  • iphone_os
CWE
NVD-CWE-noinfo CWE-125

Out-of-bounds Read