CVE-2024-54499

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jan 27, 2025

Updated: Jan 28, 2025

CWE ID 416

Summary

CVE-2024-54499 is a use-after-free vulnerability that has been addressed through improved memory management in visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2, and iPadOS 18.2, as well as macOS Sequoia 15.2. This issue arises when processing a specially crafted image, potentially enabling attackers to execute arbitrary code. Users are advised to update their devices to the latest software versions to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MacOS
tvOS
iOS
iPadOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1Nx_EF
https://www.cve.org/CVERecord?id=CVE-2024-54499
https://nvd.nist.gov/vuln/detail/CVE-2024-54499

Back to Vulnerability Database