CVE-2024-27838

6.5 MEDIUM

📋 TL;DR

This vulnerability allows malicious webpages to fingerprint users through Apple's WebKit browser engine. It affects users of Safari and Apple devices with vulnerable iOS, iPadOS, tvOS, watchOS, visionOS, or macOS versions. The issue enables tracking users across websites without their consent.

💻 Affected Systems

Products:
  • Safari
  • iOS
  • iPadOS
  • tvOS
  • watchOS
  • visionOS
  • macOS
Versions: Versions prior to those listed under Fix & Mitigation
Operating Systems: iOS, iPadOS, tvOS, watchOS, visionOS, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects WebKit browser engine used across Apple platforms. All default browser configurations are vulnerable.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Persistent user tracking across websites, deanonymization, and potential correlation with other tracking methods to build detailed user profiles.

🟠

Likely Case

Enhanced user fingerprinting capabilities for advertising networks and trackers, leading to more persistent cross-site tracking.

🟢

If Mitigated

Limited tracking effectiveness when combined with other privacy protections like content blockers, private browsing, or anti-fingerprinting extensions.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires a user to visit a malicious webpage. No authentication is required. Complexity is low because it is a client-side browser vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: tvOS 17.5, iOS 16.7.8, iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5, iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5

Vendor Advisory: https://support.apple.com/en-us/HT214100

Restart Required: Yes

Instructions:

Devices other than Mac:
  1. Open the Settings app.
  2. Go to General > Software Update.
  3. Install available updates.
  4. Restart the device when prompted.

macOS:
  1. Open System Settings.
  2. Go to General > Software Update.
  3. Install available updates.
  4. Restart the computer.

🔧 Temporary Workarounds

Use alternative browser

Platform: all

Temporarily use browsers not based on the WebKit engine (Chrome, Firefox, Edge) until Apple devices are patched.

Enable strict privacy settings

Platform: all

Configure Safari to block all cookies and enable its privacy protections.

🧯 If You Can't Patch

  • Use private browsing mode for all web browsing
  • Install and configure content blockers that specifically block fingerprinting scripts

🔍 How to Verify

Check if Vulnerable:

Check current OS/browser version against vulnerable versions listed in Apple advisories.

Check Version:

  • iOS/iPadOS: Settings > General > About > Version
  • macOS: Apple menu > About This Mac > macOS version
  • Safari: Safari menu > About Safari

Verify Fix Applied:

Verify OS/browser version matches or exceeds patched versions listed in fix information.
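As an added example (not part of this advisory), the following POSIX shell script compares an installed version with the fixed versions listed above, including the two fixed iOS/iPadOS branches (16.7.8 and 17.5); the product keys, the function names and the rule that a major release newer than any listed fix carries the fix are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): test a version against the CVE-2024-27838 fixes.

# vercmp A B: prints -1, 0 or 1 for dotted numeric versions (e.g. 16.7.8).
vercmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    x="${a%%.*}"; y="${b%%.*}"
    [ "$a" = "$x" ] && a="" || a="${a#*.}"
    [ "$b" = "$y" ] && b="" || b="${b#*.}"
    if [ "${x:-0}" -lt "${y:-0}" ]; then printf '%s\n' -1; return; fi
    if [ "${x:-0}" -gt "${y:-0}" ]; then printf '%s\n' 1; return; fi
  done
  printf '%s\n' 0
}

# Fixed versions taken from the advisory, keyed by product (keys are assumed).
fixed_versions() {
  case "$1" in
    ios|ipados)  echo "16.7.8 17.5" ;;
    safari|tvos) echo "17.5" ;;
    macos)       echo "14.5" ;;
    watchos)     echo "10.5" ;;
    visionos)    echo "1.2" ;;
    *)           return 2 ;;
  esac
}

# is_patched PRODUCT VERSION: exit 0 when VERSION carries the fix, 1 when not.
is_patched() {
  fixes=$(fixed_versions "$1") || return 2
  major="${2%%.*}"; newest=0
  for f in $fixes; do
    fmajor="${f%%.*}"
    [ "$fmajor" -gt "$newest" ] && newest="$fmajor"
    # Same release branch: the installed build must be at or above the fix.
    if [ "$fmajor" = "$major" ]; then
      [ "$(vercmp "$2" "$f")" -ge 0 ]; return
    fi
  done
  # Assumption: a major newer than any listed fix includes it; older unlisted branches do not.
  [ "$major" -gt "$newest" ]
}

# On a Mac, check the running OS with sw_vers; elsewhere report nothing.
check_this_mac() {
  command -v sw_vers >/dev/null 2>&1 || { echo "not macOS"; return 2; }
  v=$(sw_vers -productVersion)
  if is_patched macos "$v"; then echo "macOS $v: fixed"; else echo "macOS $v: vulnerable"; fi
}
```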

📡 Detection & Monitoring

Log Indicators:

  • Unusual JavaScript execution patterns
  • Multiple fingerprinting API calls from single webpage

Network Indicators:

  • Requests to known fingerprinting domains
  • Unusual cookie/session patterns

SIEM Query:

web.url CONTAINS 'fingerprint' OR web.user_agent CONTAINS unusual patterns
