Login Sign Up

CVE-2024-27847

5.5 MEDIUM

📋 TL;DR

This vulnerability allows an app to bypass privacy preferences on Apple devices, potentially accessing sensitive user data without proper consent. It affects iOS, iPadOS, and macOS systems running versions before the security updates. Users who haven't updated their Apple devices are vulnerable to privacy violations.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • macOS
Versions: Versions before iOS 17.5, iPadOS 17.5, and macOS Sonoma 14.5
Operating Systems: iOS, iPadOS, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running affected versions are vulnerable by default. The vulnerability is in the operating system's privacy controls.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Malicious app could access sensitive user data (contacts, photos, location, etc.) without user consent, leading to privacy breaches and potential data theft.

🟠

Likely Case

Apps could access privacy-protected resources they shouldn't have permission to, violating user privacy expectations.

🟢

If Mitigated

With proper app vetting and user permission controls, impact is limited to apps that users intentionally install.

🌐 Internet-Facing: LOW - This is primarily a local app vulnerability, not directly exploitable over the internet.
🏢 Internal Only: MEDIUM - Malicious or compromised apps on user devices could exploit this to access protected data.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious app to be installed on the target device. No public exploit code has been disclosed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 17.5, iPadOS 17.5, macOS Sonoma 14.5

Vendor Advisory: https://support.apple.com/en-us/HT214101

Restart Required: Yes

Instructions:

1. Go to Settings > General > Software Update. 2. Download and install iOS 17.5/iPadOS 17.5/macOS Sonoma 14.5. 3. Restart device after installation completes.

🔧 Temporary Workarounds

Restrict App Installation

all

Only install apps from trusted sources and review app permissions carefully.

Review App Permissions

all

Regularly review and revoke unnecessary app permissions in privacy settings.

🧯 If You Can't Patch

  • Restrict installation of new apps and only use trusted applications
  • Implement mobile device management (MDM) to control app installation and permissions

🔍 How to Verify

Check if Vulnerable:

Check device version in Settings > General > About > Software Version

Check Version:

iOS/iPadOS: Settings > General > About > Software Version. macOS: Apple menu > About This Mac

Verify Fix Applied:

Verify version is iOS 17.5 or later, iPadOS 17.5 or later, or macOS Sonoma 14.5 or later

📡 Detection & Monitoring

Log Indicators:

  • Unusual app behavior accessing privacy-protected resources
  • Multiple permission requests from same app

Network Indicators:

  • Unusual data exfiltration patterns from apps

SIEM Query:

Search for app permission changes or privacy setting modifications in system logs

📊 Metadata

CVE ID: CVE-2024-27847
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CWE: CWE-277
Published: May 14, 2024
Last Updated: December 9, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-27847, you might also want to check these:

CVE-2024-36539 9.8

This vulnerability in Contour v1.28.3 allows attackers to access Kubernetes service account tokens d...

Same vulnerability type (CWE-277)
CVE-2023-27842 8.8

This vulnerability allows remote attackers to execute arbitrary code on systems running eXtplorer Fi...

Same vulnerability type (CWE-277)
CVE-2024-34329 8.4

This vulnerability allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges...

Same vulnerability type (CWE-277)