Login Sign Up

CVE-2024-27791

7.1 HIGH

📋 TL;DR

This vulnerability allows a malicious app to corrupt coprocessor memory on Apple devices, potentially leading to arbitrary code execution or system instability. It affects iOS, iPadOS, tvOS, and macOS across multiple versions. Users running affected Apple operating systems are at risk.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • tvOS
  • macOS
Versions: iOS/iPadOS before 17.3 and 16.7.5, tvOS before 17.3, macOS Ventura before 13.6.4, macOS Monterey before 12.7.3, macOS Sonoma before 14.3
Operating Systems: iOS, iPadOS, tvOS, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard configurations are vulnerable. Requires a malicious app to be installed.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Tvos by Apple

View all CVEs affecting Tvos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could achieve arbitrary code execution with kernel privileges, leading to complete device compromise, data theft, or persistent malware installation.

🟠

Likely Case

App crashes, system instability, or limited privilege escalation within the app sandbox, potentially allowing data access or further exploitation.

🟢

If Mitigated

With proper app review controls and sandboxing, impact is limited to the malicious app's own memory space with minimal system-wide effects.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious app to be installed and executed. No public exploit code is available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 17.3, iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5, iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3

Vendor Advisory: https://support.apple.com/en-us/HT214055

Restart Required: Yes

Instructions:

1. Go to Settings > General > Software Update on iOS/iPadOS/tvOS or System Settings > General > Software Update on macOS. 2. Download and install the latest available update. 3. Restart the device when prompted.

🔧 Temporary Workarounds

Restrict App Installation

all

Only install apps from trusted sources like the official App Store and avoid sideloading or third-party app stores.

Enable App Review Controls

all

Use parental controls or MDM solutions to restrict app installations to approved sources only.

🧯 If You Can't Patch

  • Isolate affected devices from critical networks and sensitive data
  • Implement strict app installation policies and monitor for suspicious app behavior

🔍 How to Verify

Check if Vulnerable:

Check the device's operating system version against the affected versions listed above.

Check Version:

iOS/iPadOS/tvOS: Settings > General > About > Version. macOS: Apple menu > About This Mac > macOS version.

Verify Fix Applied:

Verify the device is running one of the patched versions: iOS 17.3+, iPadOS 17.3+, tvOS 17.3+, macOS Ventura 13.6.4+, iOS 16.7.5+, iPadOS 16.7.5+, macOS Monterey 12.7.3+, or macOS Sonoma 14.3+.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected app crashes, kernel panic logs, or memory corruption errors in system logs

Network Indicators:

  • Unusual network connections from apps, especially to unknown destinations

SIEM Query:

Search for events like 'kernel panic', 'memory corruption', or unexpected app termination events from Apple devices.

📊 Metadata

CVE ID: CVE-2024-27791
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
CWE: CWE-119
Published: April 24, 2024
Last Updated: November 4, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-27791, you might also want to check these:

CVE-2024-23613 10.0

A critical buffer overflow vulnerability in Symantec Deployment Solution 7.9 allows remote, unauthen...

Same vulnerability type (CWE-119)
CVE-2024-23615 10.0

A critical buffer overflow vulnerability in Symantec Messaging Gateway allows remote unauthenticated...

Same vulnerability type (CWE-119)
CVE-2026-2776 10.0

This CVE describes a sandbox escape vulnerability in Firefox's Telemetry component due to incorrect ...

Same vulnerability type (CWE-119)