CVE-2024-40788

5.5 MEDIUM

📋 TL;DR

This CVE describes a type confusion vulnerability in Apple operating systems that allows a local attacker to cause unexpected system shutdowns. The issue affects multiple Apple platforms including iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. Users running vulnerable versions of these operating systems are at risk of denial-of-service attacks.

💻 Affected Systems

Products:
  • iOS
  • iPadOS
  • macOS
  • watchOS
  • tvOS
  • visionOS
Versions: Versions prior to iOS 16.7.9, iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6, iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6
Operating Systems: Apple iOS, Apple iPadOS, Apple macOS, Apple watchOS, Apple tvOS, Apple visionOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected Apple operating systems are vulnerable. The vulnerability requires local access to exploit.

📦 What is this software?

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Local attacker gains kernel-level privileges leading to complete system compromise, data theft, or persistent malware installation.

🟠 Likely Case: Local attacker causes system crashes or unexpected reboots, resulting in denial-of-service and potential data loss from unsaved work.

🟢 If Mitigated: With proper access controls, impact is limited to denial-of-service from local users who already have some system access.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring physical or remote shell access to the device.
🏢 Internal Only: MEDIUM - Internal users with local access could exploit this to cause system instability or gather information for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and understanding of memory corruption techniques. Type confusion vulnerabilities can potentially lead to more severe outcomes than just denial-of-service.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: iOS 16.7.9, iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6, iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6

Vendor Advisory: https://support.apple.com/en-us/HT214108

Restart Required: Yes

Instructions:

1. Open Settings app.
2. Go to General > Software Update.
3. Download and install the latest available update.
4. Restart device when prompted.

🔧 Temporary Workarounds

Restrict local user access (all platforms)

Limit physical and remote access to vulnerable devices to trusted users only

Enable FileVault encryption (macOS)

Encrypt disk to prevent data extraction if system is compromised

    sudo fdesetup enable

🧯 If You Can't Patch

  • Implement strict access controls to limit who has local access to vulnerable devices
  • Monitor system logs for unexpected shutdowns or crashes that could indicate exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check current OS version against affected versions list. On macOS: System Settings > General > About. On iOS/iPadOS: Settings > General > About.

Check Version:

macOS: sw_vers -productVersion
iOS/iPadOS: Settings > General > About > Version

Verify Fix Applied:

Verify OS version matches or exceeds patched versions listed in the fix information
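
The version check above for macOS, as an added example that is not part of the vendor advisory or this page's original text. It compares the running version against the fixed release for its own major branch, using the patch versions listed on this page; the function names are this example's own.

```sh
#!/bin/sh
# Added example (not from the advisory): per-branch macOS check for CVE-2024-40788.
# Fixed releases are the ones listed on this page: 12.7.6, 13.6.8, 14.6.
# Function names are this example's own.

# ver_ge A B: succeed if dotted version A >= B; missing fields count as 0.
ver_ge() {
    IFS=. read -r a1 a2 a3 rest <<EOF
$1
EOF
    IFS=. read -r b1 b2 b3 rest <<EOF
$2
EOF
    for pair in "${a1:-0}:${b1:-0}" "${a2:-0}:${b2:-0}" "${a3:-0}:${b3:-0}"; do
        x=${pair%%:*}; y=${pair##*:}
        # Numeric comparison, so 14.10 sorts after 14.6 (a string compare gets this wrong).
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# macos_status VERSION: prints patched | vulnerable | unlisted | unknown
macos_status() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return 0 ;;  # not a dotted number
    esac
    # Each major release has its own fixed build; comparing against one
    # global minimum would mislabel 13.6.8 (patched) as older than 14.6.
    case "${1%%.*}" in
        12) fixed=12.7.6 ;;
        13) fixed=13.6.8 ;;
        14) fixed=14.6 ;;
        *)  echo unlisted; return 0 ;;  # branch has no fixed release on this page
    esac
    if ver_ge "$1" "$fixed"; then echo patched; else echo vulnerable; fi
}

# On a Mac, report the running system; elsewhere this step is skipped.
if command -v sw_vers >/dev/null 2>&1; then
    v=$(sw_vers -productVersion)
    echo "macOS $v: $(macos_status "$v")"
fi
```

A result of "unlisted" means the page names no fixed release for that major version, so the vendor advisory should be consulted directly.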

📡 Detection & Monitoring

Log Indicators:

  • Unexpected system shutdowns
  • Kernel panic logs
  • Crash reports with memory corruption indicators

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

source="apple_system_logs" AND (event="shutdown" OR event="panic" OR event="crash") AND NOT user="legitimate_user"
