VDB
CVE-2024-44229
CVE-2024-44229
PUBLISHED
CVSS 8.699999809265137 HIGH
In Apple Safari bestehen mehrere Schwachstellen. Diese Fehler existieren wegen unsachgemäßer Zustandsverwaltung und unzureichender Validierung in Komponenten wie Downloads und privates Surfen, was den unbefugten Zugriff auf Inhalte und die mögliche Preisgabe von Daten ermöglicht. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um bösartige Inhalte herunterzuladen, auf den Browserverlauf zuzugreifen oder Abstürze und Speicherbeschädigungen zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.17% · 37.9th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.17%
37.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Apple macOS Ventura <13.7.1 | |
| Apple | Apple macOS Sonoma <14.7.1 | |
| Apple | Apple Safari <18.1 | |
| Apple | Apple iOS <18.1 | |
| Apple | Apple iPadOS <18.1 | |
| Apple | Apple iOS <17.7.1 | |
| Apple | Apple iPadOS <17.7.1 | |
| Apple | Apple macOS Sequoia <15.1 |
Exploit Intelligence
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
…and 26 more exploits
Timeline
- Oct 28, 2024 Coalition ESS Score
- Oct 28, 2024 CVE Published
- Oct 29, 2024 EPSS Score
- Oct 30, 2024 Coalition ESS Score
- Nov 16, 2024 EPSS Score
- Dec 5, 2024 EPSS Score
- Dec 24, 2024 EPSS Score
- Jan 11, 2025 EPSS Score
- Jan 29, 2025 EPSS Score
- Feb 16, 2025 EPSS Score
- Mar 6, 2025 EPSS Score
- Mar 24, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3288.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3288 advisory
- https://lists.apple.com/archives/security-announce/2024/Oct/msg00001.html advisory
- https://lists.apple.com/archives/security-announce/2024/Oct/msg00002.html advisory
- https://github.com/ifpdz/CVE-2024-44258 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3291.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3291 advisory
- https://lists.apple.com/archives/security-announce/2024/Oct/msg00003.html advisory
- https://lists.apple.com/archives/security-announce/2024/Oct/msg00004.html advisory
- https://lists.apple.com/archives/security-announce/2024/Oct/msg00005.html advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3303.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3303 advisory
- https://lists.apple.com/archives/security-announce/2024/Oct/msg00009.html advisory