{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2024-27818","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2024-02-26T15:32:28.520Z","datePublished":"2024-05-13T23:00:51.988Z","dateUpdated":"2026-04-02T18:15:47.916Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An attacker may be able to cause unexpected app termination or arbitrary code execution"}]}],"affected":[{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"0","status":"affected","lessThan":"16.7.8","versionType":"custom"},{"version":"0","status":"affected","lessThan":"17.5","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"14.5","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An attacker may be able to cause unexpected app termination or arbitrary code execution."}],"references":[{"url":"https://support.apple.com/en-us/120898"},{"url":"https://support.apple.com/en-us/120903"},{"url":"https://support.apple.com/en-us/120905"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:15:47.916Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-77","lang":"en","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}],"affected":[{"vendor":"apple","product":"ios","cpes":["cpe:2.3:o:apple:ios:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"17.5","versionType":"custom"}]},{"vendor":"apple","product":"ipados","cpes":["cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"17.5","versionType":"custom"}]},{"vendor":"apple","product":"macos","cpes":["cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"14.5","versionType":"custom"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-05-16T04:00:15.843768Z","id":"CVE-2024-27818","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-26T19:58:19.422Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T00:41:55.442Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT214101","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT214106","tags":["x_transferred"]},{"url":"http://seclists.org/fulldisclosure/2024/May/10","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT214100","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT214106","tags":["x_transferred"]},{"url":"http://seclists.org/fulldisclosure/2024/May/12","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT214101","tags":["x_transferred"]}]}]},"dataVersion":"5.2"}