First published: Wed Dec 11 2024(Updated: )
Accounts. A logic issue was addressed with improved file handling.
Credit: Benjamin Hornbeck ZUSO ARTSkadz @skadz108 ZUSO ARTChi Yuan Chang ZUSO ARTtaikosoup Arsenii Kostromin (0x3c3e) an anonymous researcher Mickey Jin @patch1t Micheal Chukwu Smi1e @Smi1eSEC Bistrit Dahal Hossein Lotfi @hosselot Trend Micro Zero Day InitiativeGary Kwong Anonymous Trend Micro Zero Day InitiativeJunsung Lee Trend Micro Zero Day InitiativeYe Zhang @VAR10CK Baidu SecurityJoseph Ravichandran @0xjprx MIT CSAILsohybbyk CVE-2024-45490 风沐云烟 @binary_fmyy Abhay Kailasia @abhay_kailasia CRakeshkumar Talaviya Talal Haj Bakry Mysk IncTommy Mysk @mysk_co Mysk IncJacob Braun Rei @reizydev Kenneth Chew Michael DePlante @izobashi Trend Micro's Zero Day InitiativeCVE-2024-45306 Seunghyun Lee Brendon Tiszka Google Project Zerolinjy HKUS3Labchluo WHUSecLabXiangwei Zhang Tencent Security YUNDING LABTashita Software Security Lukas Bernhard Rodolphe BRUNETTI @eisw0lf Lupus NovaKirin @Pwnrin 7feilee Hyerean Jang Taehun Kim Youngjoo Shin Meng Zhang (鲸落) NorthSeaClaudio Bozzato Cisco TalosFrancesco Benvenuto Cisco Talos神罚 @Pwnrin Bohdan Stasiuk @Bohdan_Stasiuk Yokesh Muthu K Mickey Jin @patch1t MicrosoftJonathan Bar Or @yo_yo_yo_jbo MicrosoftAmy @asentientbot Rodolphe BRUNETTI @eisw0lf Halle Winkler Politepix theoffcuts.org Trent Lloyd @lathiat D’Angelo Gonzalez CrowdStrikeMichael Cohen Mickey Jin @patch1t KandjiCsaba Fitzl @theevilbit KandjiD4m0n CertiK SkyFall Team Dillon Franke Google Project Zero product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Sequoia | <15.2 | 15.2 |
Apple visionOS | <2.2 | 2.2 |
Apple Safari | <18.2 | 18.2 |
watchOS | <11.2 | 11.2 |
tvOS | <18.2 | 18.2 |
Apple iOS | <18.2 | 18.2 |
iPadOS | <18.2 | 18.2 |
Apple Safari | <18.2 | |
iPadOS | <18.2 | |
Apple iPhone OS | <18.2 | |
Apple macOS | <15.2 | |
tvOS | <18.2 | |
Apple visionOS | <2.2 | |
watchOS | <11.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2024-54534 has been classified as a moderate severity vulnerability.
To fix CVE-2024-54534, update your device to the latest version specified by Apple, which is 18.2 or later for affected products.
CVE-2024-54534 affects iOS, iPadOS, macOS Sequoia, visionOS, Safari, watchOS, and tvOS versions prior to their respective updates noted.
CVE-2024-54534 addresses logic issues, improved file handling, state management, memory handling, and checks in various Apple products.
CVE-2024-54534 is considered a local vulnerability that can be exploited by an authenticated user.