CVE-2024-27812

6.5 MEDIUM

📋 TL;DR

A denial-of-service vulnerability in visionOS file handling allows an attacker to crash a device by having it process maliciously crafted web content. This affects visionOS devices before version 1.2. Users visiting compromised websites or opening malicious content could experience system instability.

💻 Affected Systems

Products:
  • Apple Vision Pro
Versions: visionOS versions before 1.2
Operating Systems: visionOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected visionOS versions are vulnerable when processing web content.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete device crash requiring a reboot, with potential data loss if the system becomes unresponsive during critical operations.

🟠 Likely Case: Temporary application or system instability when processing malicious web content, requiring user intervention to restore functionality.

🟢 If Mitigated: Minimal impact with proper web content filtering and updated systems, potentially causing only temporary performance degradation.

🌐 Internet-Facing: MEDIUM - Attackers can deliver malicious content via websites, but requires user interaction to visit compromised sites.
🏢 Internal Only: LOW - Primarily requires web content processing, which typically originates from external sources.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires the user to load malicious web content, but no authentication is needed once the content is loaded.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: visionOS 1.2

Vendor Advisory: https://support.apple.com/en-us/HT214108

Restart Required: Yes

Instructions:

1. Open the Settings app on Vision Pro.
2. Navigate to General > Software Update.
3. Download and install visionOS 1.2.
4. Restart the device when prompted.

🔧 Temporary Workarounds

Web Content Filtering (applies to: all)

Implement web filtering to block potentially malicious content and restrict access to untrusted websites.

Browser Security Settings (applies to: all)

Configure browsers to disable automatic content processing and enable strict security settings.

🧯 If You Can't Patch

  • Implement network-level web content filtering and URL reputation services
  • Restrict web browsing to trusted sites only and disable automatic content loading

🔍 How to Verify

Check if Vulnerable:

Check the visionOS version in Settings > General > About. If the version is below 1.2, the device is vulnerable.

Check Version:

Not applicable from the command line; check via the device Settings interface.

Verify Fix Applied:

Confirm that the visionOS version is 1.2 or higher in Settings > General > About.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected application crashes when processing web content
  • System logs showing file handling errors

Network Indicators:

  • Requests to known malicious domains delivering web content
  • Unusual patterns in web traffic to visionOS devices

SIEM Query:

source="visionos" AND (event="crash" OR event="error") AND process="webcontent"
