CVE-2024-54506

Published Dec 12, 2024

Last updated 2 months ago

CVSS critical 9.8

Overview

Description: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.2. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.
Source: product-security@apple.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

nvd@nist.gov: CWE-125
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-125

Hype score: Not currently trending

CVE-2024-54506 An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.2. An attacker may be able to cause unexpected syst… https://t.co/r4eyODNFlH
@CVEnew
12 Dec 2024
305 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0",
            "versionEndExcluding": "15.2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References