Vulnerability Description
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Processing a maliciously crafted video file may lead to unexpected app termination.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Ipados | < 16.7.9 |
| Apple | Iphone Os | < 16.7.9 |
| Apple | Macos | < 12.7.6 |
Related Weaknesses (CWE)
References
- https://support.apple.com/en-us/120908
- https://support.apple.com/en-us/120909
- https://support.apple.com/en-us/120910
- https://support.apple.com/en-us/120911
- https://support.apple.com/en-us/120912
- http://seclists.org/fulldisclosure/2024/Jul/16Mailing ListThird Party Advisory
- http://seclists.org/fulldisclosure/2024/Jul/17Mailing ListThird Party Advisory
- http://seclists.org/fulldisclosure/2024/Jul/18Mailing ListThird Party Advisory
- http://seclists.org/fulldisclosure/2024/Jul/19Mailing ListThird Party Advisory
- http://seclists.org/fulldisclosure/2024/Jul/20Mailing ListThird Party Advisory
- https://support.apple.com/en-us/HT214116Release NotesVendor Advisory
- https://support.apple.com/en-us/HT214117Release NotesVendor Advisory
- https://support.apple.com/en-us/HT214118Release NotesVendor Advisory
- https://support.apple.com/en-us/HT214119Release NotesVendor Advisory
- https://support.apple.com/en-us/HT214120Release NotesVendor Advisory
FAQ
What is CVE-2024-27873?
CVE-2024-27873 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macO...
How severe is CVE-2024-27873?
CVE-2024-27873 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-27873?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Ipados, Apple Iphone Os, Apple Macos.