- Description
- A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- nvd@nist.gov
- CWE-362
- Hype score
- Not currently trending
Entonces teóricamente ahora con el nuevo bypass de PAC usando CVE-2024-40815, el bypass de SPTM con cve-2024-23296 y la vulnerabilidad de kernel CVE-2024-23208 que ya tiene un POC ya debería ser posible hacer un JB en iOS 17.0-17.2.1 🤔
@DanielSu121
2 Nov 2024
7285 Impressions
3 Retweets
26 Likes
10 Bookmarks
3 Replies
0 Quotes
يبدو اننا حصلنا بالفعل على PAC 🔥 CVE-2024-40815 و لو تم دمجها مع CVE-2024-27801 سوف نتمكن من تفعيل اشياء على system daemons 😎 https://t.co/nNldKbydvf
@learniosworld
29 Oct 2024
5537 Impressions
4 Retweets
35 Likes
9 Bookmarks
3 Replies
0 Quotes
CVE-2024-40815 🚶
@w0wbox
29 Oct 2024
7690 Impressions
1 Retweet
42 Likes
5 Bookmarks
7 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062",
"versionEndExcluding": "17.6"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352",
"versionEndExcluding": "17.6"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70D16512-F797-4C1B-8612-FCB4B6039C2C",
"versionEndExcluding": "13.6.8"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E2E93B-C5A3-4C83-B806-2EC555AD45FE",
"versionEndExcluding": "14.6",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FB1D28B-EF0E-4CA0-90F7-073A85D001E5",
"versionEndExcluding": "17.6"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "035D8460-BD6F-4696-9D7B-BA571A994FD0",
"versionEndExcluding": "10.6"
}
],
"operator": "OR"
}
]
}
]