Apple Exploitation PoC Published - 20240613002¶
Overview¶
The WA SOC has been made aware of a proof-of-concept (PoC) exploit code pulished affecting multiple Apple platforms. This vulnerability has the potential to elevate privileges, granting malicious apps unauthorized access to system services and sensitive user data.
What is vulnerable?¶
| Products Affected. | CVE | CVSS | Severity |
|---|---|---|---|
| tvOS macOS visionOS iOS and iPadOS | CVE-2024-27801 | TBD | TBD |
What has been observed?¶
There is no evidence of active exploitation in the wild at the time of publishing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hours... (refer Patch Management):
- tvOS: https://support.apple.com/en-us/HT214102
- macOS: https://support.apple.com/en-us/HT214106
- visionOS: https://support.apple.com/en-us/HT214108
- iOS and iPadOS: https://support.apple.com/en-us/HT214101