{ "id": "CVE-2024-40815", "sourceIdentifier": "product-security@apple.com", "published": "2024-07-29T23:15:13.523", "lastModified": "2025-03-13T19:15:46.173", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication." }, { "lang": "es", "value": " Se abord\u00f3 una condici\u00f3n de ejecuci\u00f3n con validaci\u00f3n adicional. Este problema se solucion\u00f3 en macOS Ventura 13.6.8, iOS 17.6 y iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. Un atacante malicioso con capacidad de lectura y escritura arbitraria puede omitir la autenticaci\u00f3n de puntero." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.6, "impactScore": 5.9 }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.6, "impactScore": 5.9 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-362" } ] }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-352" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6", "matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062" }, { "vulnerable": true, "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6", "matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352" }, { "vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionEndExcluding": "13.6.8", "matchCriteriaId": "70D16512-F797-4C1B-8612-FCB4B6039C2C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.0", "versionEndExcluding": "14.6", "matchCriteriaId": "51E2E93B-C5A3-4C83-B806-2EC555AD45FE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6", "matchCriteriaId": "9FB1D28B-EF0E-4CA0-90F7-073A85D001E5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.6", "matchCriteriaId": "035D8460-BD6F-4696-9D7B-BA571A994FD0" } ] } ] } ], "references": [ { "url": "http://seclists.org/fulldisclosure/2024/Jul/16", "source": "product-security@apple.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/18", "source": "product-security@apple.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/19", "source": "product-security@apple.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/21", "source": "product-security@apple.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/22", "source": "product-security@apple.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214117", "source": "product-security@apple.com", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214119", "source": "product-security@apple.com", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214120", "source": "product-security@apple.com", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214122", "source": "product-security@apple.com", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214124", "source": "product-security@apple.com", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/16", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/18", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/19", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/21", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://seclists.org/fulldisclosure/2024/Jul/22", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214117", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214119", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214120", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214122", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ] }, { "url": "https://support.apple.com/en-us/HT214124", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ] } ] }