CVE-2024-27812

A logic issue was addressed with improved file handling. This issue is fixed in visionOS 1.2. Processing web content may lead to a denial-of-service.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/120906
http://seclists.org/fulldisclosure/2024/Jun/5	Mailing List Third Party Advisory
https://support.apple.com/en-us/HT214108	Vendor Advisory
https://support.apple.com/kb/HT214108	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

History

02 Apr 2026, 19:17

Type	Values Removed	Values Added
Summary	~~(en) The issue was addressed with improvements to the file handling protocol. This issue is fixed in visionOS 1.2. Processing web content may lead to a denial-of-service.~~	(en) A logic issue was addressed with improved file handling. This issue is fixed in visionOS 1.2. Processing web content may lead to a denial-of-service.
References		() https://support.apple.com/en-us/120906 -

21 Nov 2024, 09:05

Type	Values Removed	Values Added
References	~~() http://seclists.org/fulldisclosure/2024/Jun/5 - Mailing List, Third Party Advisory~~	() http://seclists.org/fulldisclosure/2024/Jun/5 - Mailing List, Third Party Advisory
References	~~() https://support.apple.com/en-us/HT214108 - Vendor Advisory~~	() https://support.apple.com/en-us/HT214108 - Vendor Advisory
References	~~() https://support.apple.com/kb/HT214108 - Vendor Advisory~~	() https://support.apple.com/kb/HT214108 - Vendor Advisory

03 Jul 2024, 01:50

Type	Values Removed	Values Added
CWE		CWE-400

02 Jul 2024, 13:28

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
First Time		Apple visionos Apple
References	~~() http://seclists.org/fulldisclosure/2024/Jun/5 -~~	() http://seclists.org/fulldisclosure/2024/Jun/5 - Mailing List, Third Party Advisory
References	~~() https://support.apple.com/en-us/HT214108 -~~	() https://support.apple.com/en-us/HT214108 - Vendor Advisory
References	~~() https://support.apple.com/kb/HT214108 -~~	() https://support.apple.com/kb/HT214108 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
CPE		cpe:2.3:o:apple:visionos::::::::

12 Jun 2024, 04:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2024/Jun/5 -

11 Jun 2024, 13:54

Type	Values Removed	Values Added
Summary		(es) El problema se solucionó con mejoras en el protocolo de manejo de archivos. Este problema se solucionó en visionOS 1.2. El procesamiento de contenido web puede dar lugar a una denegación de servicio.

10 Jun 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-10 21:15

Updated : 2026-04-02 19:17

NVD link : CVE-2024-27812

Mitre link : CVE-2024-27812

CVE.ORG link : CVE-2024-27812

JSON object : View

Products Affected

apple

visionos

CWE

NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption

6.5 /10