CVE-2024-54486

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted font may result in the disclosure of process memory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
appleCNA
---
---
CISA-ADPADP
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
appleipados
𝑥
< 17.7.3
appleipados
18.0 ≤
𝑥
< 18.2
appleiphone_os
𝑥
< 18.2
applemacos
𝑥
< 13.7.2
applemacos
14.0 ≤
𝑥
< 14.7.2
applemacos
15.0 ≤
𝑥
< 15.2
appletvos
𝑥
< 18.2
applevisionos
𝑥
< 2.2
applewatchos
𝑥
< 11.2
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/121837
https://support.apple.com/en-us/121838
https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121840
https://support.apple.com/en-us/121842
https://support.apple.com/en-us/121843
https://support.apple.com/en-us/121844
https://support.apple.com/en-us/121845