CVE-2024-27822: Input Validation
First published: Mon May 13 2024(Updated: )
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to gain root privileges.
Credit: product-security@apple.com Scott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Meysam Firouzi @R00tkitSMM Mickey Jin @patch1t ajajfxhj Mickey Jin @patch1t Kirin @Pwnrin Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappMinghao Lin Baidu Security Baidu SecurityYe Zhang @VAR10CK Baidu SecurityMeysam Firouzi @R00tkitSMM Mickey Jin @patch1t ajajfxhj Mickey Jin @patch1t Kirin @Pwnrin Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappKirin @Pwnrin Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappMickey Jin @patch1t ajajfxhj Mickey Jin @patch1t Kirin @Pwnrin Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappRon Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappCertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappJunsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassapppattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappNick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassapppattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappDohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappGil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappMeysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappLFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappMickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassapp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | >=14.0<14.5 | |
| Apple macOS | <14.5 | 14.5 |
| <14.5 | 14.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2024-27826
- CVE-2024-27804
- CVE-2024-27837
- CVE-2024-27816
- CVE-2024-27825
- CVE-2024-27829
- CVE-2024-27841
- CVE-2024-23236
- CVE-2024-27805
- CVE-2024-27817
- CVE-2024-27831
- CVE-2024-27832
- CVE-2024-27827
- CVE-2024-27801
- CVE-2024-27836
- CVE-2024-27799
- CVE-2024-27818
- CVE-2024-27815
- CVE-2024-27823
- CVE-2024-27811
- CVE-2023-42893
- CVE-2024-23251
- CVE-2024-23282
- CVE-2024-27810
- CVE-2024-27800
- CVE-2024-27802
- CVE-2024-27857
- CVE-2024-27822
- CVE-2024-27824
- CVE-2024-27885
- CVE-2024-27813
- CVE-2024-27844
- CVE-2024-27843
- CVE-2024-27821
- CVE-2024-27855
- CVE-2024-27806
- CVE-2024-27798
- CVE-2024-27848
- CVE-2024-27847
- CVE-2024-27884
- CVE-2024-27842
- CVE-2024-27796
- CVE-2024-27834
- CVE-2024-27838
- CVE-2024-27808
- CVE-2024-27850
- CVE-2024-27851
- CVE-2024-27830
- CVE-2024-27820
- CVE-2024-40771
- CVE-2024-27856
Frequently Asked Questions
What is the severity of CVE-2024-27822?
CVE-2024-27822 has been rated as a critical vulnerability due to its potential to allow an application to gain root privileges.
How do I fix CVE-2024-27822?
To fix CVE-2024-27822, update to macOS Sonoma 14.5 or later.
Which versions of macOS are affected by CVE-2024-27822?
CVE-2024-27822 affects macOS versions prior to 14.5.
What type of issue is CVE-2024-27822?
CVE-2024-27822 is a logic issue that could allow unauthorized access to root privileges.
Is CVE-2024-27822 specific to any Apple products?
CVE-2024-27822 specifically impacts the macOS Sonoma product line.
- agent/first-publish-date
- agent/type
- agent/description
- agent/author
- agent/references
- agent/weakness
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/apple-support
- source/Apple
- alias/CVE-2024-27837
- alias/CVE-2024-27816
- alias/CVE-2024-27825
- alias/CVE-2024-27829
- alias/CVE-2024-40771
- alias/CVE-2024-27841
- alias/CVE-2024-23236
- alias/CVE-2024-27805
- alias/CVE-2024-27817
- alias/CVE-2024-27831
- alias/CVE-2024-27832
- alias/CVE-2024-27827
- alias/CVE-2024-27801
- alias/CVE-2024-27836
- alias/CVE-2024-27799
- alias/CVE-2024-27818
- alias/CVE-2024-27815
- alias/CVE-2024-27823
- alias/CVE-2024-27811
- alias/CVE-2023-42893
- alias/CVE-2024-23251
- alias/CVE-2024-23282
- alias/CVE-2024-27810
- alias/CVE-2024-27800
- alias/CVE-2024-27802
- alias/CVE-2024-27857
- alias/CVE-2024-27822
- alias/CVE-2024-27824
- alias/CVE-2024-27885
- alias/CVE-2024-27813
- alias/CVE-2024-27844
- alias/CVE-2024-27843
- alias/CVE-2024-27821
- alias/CVE-2024-27855
- alias/CVE-2024-27806
- alias/CVE-2024-27798
- alias/CVE-2024-27848
- alias/CVE-2024-27847
- alias/CVE-2024-27884
- alias/CVE-2024-27842
- alias/CVE-2024-27796
- alias/CVE-2024-27856
- alias/CVE-2024-27834
- alias/CVE-2024-27838
- alias/CVE-2024-27808
- alias/CVE-2024-27850
- alias/CVE-2024-27851
- alias/CVE-2024-27830
- alias/CVE-2024-27820
- alias/CVE-2024-27804
- vendor/apple
- canonical/apple macos
- version/apple macos/14.0