CVE-2024-54486

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 12, 2024
Updated: Dec 20, 2024

Summary

CVE-2024-54486 is a recently identified vulnerability affecting multiple Apple operating systems, including iPadOS, watchOS, visionOS, tvOS, macOS Sequoia, and iOS. The issue, now resolved, was caused by insufficient checks in font processing: processing a maliciously crafted font could lead to the disclosure of process memory. Apple has addressed this vulnerability in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2, and iOS 18.2. Users are strongly advised to update their devices to mitigate this risk.
