Login Sign Up

CVE-2024-23248

7.1 HIGH
Denial of Service

📋 TL;DR

This vulnerability in macOS allows processing a malicious file to cause a denial-of-service or potentially leak memory contents. It affects macOS systems before Sonoma 14.4. Attackers could exploit this by tricking users into opening specially crafted files.

💻 Affected Systems

Products:
  • macOS
Versions: Versions before macOS Sonoma 14.4
Operating Systems: macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected macOS versions are vulnerable when processing files through vulnerable components.

📦 What is this software?

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Memory disclosure could expose sensitive information like passwords or encryption keys, while denial-of-service could crash affected applications or the system.

🟠

Likely Case

Denial-of-service causing application crashes when processing malicious files, potentially disrupting user workflows.

🟢

If Mitigated

Limited impact with proper file handling controls and user awareness about opening untrusted files.

🌐 Internet-Facing: MEDIUM - Attackers could host malicious files online, but requires user interaction to open them.
🏢 Internal Only: MEDIUM - Internal users could inadvertently open malicious files from network shares or email attachments.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open malicious files. No public exploit code has been disclosed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Sonoma 14.4

Vendor Advisory: https://support.apple.com/en-us/HT214084

Restart Required: Yes

Instructions:

1. Open System Settings 2. Click General 3. Click Software Update 4. Install macOS Sonoma 14.4 or later 5. Restart when prompted

🔧 Temporary Workarounds

Restrict file processing

all

Limit file processing to trusted sources and avoid opening files from untrusted origins

🧯 If You Can't Patch

  • Implement application whitelisting to restrict which applications can process files
  • Educate users about the risks of opening files from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Check macOS version in System Settings > General > About. If version is earlier than 14.4, system is vulnerable.

Check Version:

sw_vers

Verify Fix Applied:

Verify macOS version is 14.4 or later in System Settings > General > About.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes related to file processing
  • Unexpected memory access errors in system logs

Network Indicators:

  • Downloads of suspicious file types followed by application crashes

SIEM Query:

source="macos_system_logs" AND (event="crash" OR event="memory_error") AND process="*file_processor*"

📊 Metadata

CVE ID: CVE-2024-23248
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CWE: CWE-404
Published: March 8, 2024
Last Updated: November 4, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-23248, you might also want to check these:

CVE-2025-38385 7.8

This CVE describes a kernel warning triggered during USB device disconnection in the Linux kernel's ...

Same vulnerability type (CWE-404)
CVE-2022-23033 7.8

This Xen hypervisor vulnerability on ARM systems allows guest virtual machines to retain access to m...

Same vulnerability type (CWE-404)
CVE-2021-0984 7.8

This vulnerability in Android 12 allows local privilege escalation without user interaction. An inco...

Same vulnerability type (CWE-404)