Vulnerability Details : CVE-2024-27823
A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, macOS Ventura 13.6.7, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5. An attacker in a privileged network position may be able to spoof network packets.
Products affected by CVE-2024-27823
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2024-27823
0.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 46 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2024-27823
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.9
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.2
|
3.6
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-03-26 |
|
5.9
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.2
|
3.6
|
NIST | 2024-08-12 |
CWE ids for CVE-2024-27823
-
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2024-27823
-
https://support.apple.com/en-us/HT214104
About the security content of watchOS 10.5 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT214101
About the security content of iOS 17.5 and iPadOS 17.5 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT214107
About the security content of macOS Ventura 13.6.7 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT214105
About the security content of macOS Monterey 12.7.5 - Apple SupportRelease Notes;Vendor Advisory
-
http://seclists.org/fulldisclosure/2024/Jul/23
Full Disclosure: APPLE-SA-07-29-2024-9 visionOS 1.3Mailing List;Third Party Advisory
-
https://support.apple.com/kb/HT214104
About the security content of watchOS 10.5 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/kb/HT214107
About the security content of macOS Ventura 13.6.7 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/kb/HT214102
About the security content of tvOS 17.5 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT214102
About the security content of tvOS 17.5 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT214100
About the security content of iOS 16.7.8 and iPadOS 16.7.8 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/kb/HT214100
About the security content of iOS 16.7.8 and iPadOS 16.7.8 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/kb/HT214101
About the security content of iOS 17.5 and iPadOS 17.5 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT214106
About the security content of macOS Sonoma 14.5 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT214123
About the security content of visionOS 1.3 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/kb/HT214105
About the security content of macOS Monterey 12.7.5 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/kb/HT214106
About the security content of macOS Sonoma 14.5 - Apple SupportRelease Notes;Vendor Advisory
Jump to