CVE-2024-40846

5.5 MEDIUM

📋 TL;DR

A memory handling vulnerability in macOS video processing allows malicious video files to cause application crashes. This affects users running macOS versions before Sonoma 14.7 or Sequoia 15 who process untrusted video files. The vulnerability could lead to denial of service through unexpected application termination.

💻 Affected Systems

Products:
  • macOS
Versions: before macOS Sonoma 14.7 and macOS Sequoia 15
Operating Systems: macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the built-in video processing components in macOS. Any application using these components could be vulnerable.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Potential for arbitrary code execution if memory corruption can be leveraged beyond denial of service, though not confirmed in this advisory.

🟠 Likely Case

Unexpected application termination (denial of service) when processing malicious video files.

🟢 If Mitigated

Minimal impact if systems are patched and users avoid processing untrusted video files.

🌐 Internet-Facing: MEDIUM - Attackers could host malicious videos on websites or send via email, but requires user interaction to process.
🏢 Internal Only: LOW - Requires local file processing or internal network file sharing with malicious content.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open/process a malicious video file. No public exploit code is mentioned in the references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Sonoma 14.7, macOS Sequoia 15

Vendor Advisory: https://support.apple.com/en-us/121238

Restart Required: Yes

Instructions:

1. Open System Settings > General > Software Update.
2. Install available updates for macOS Sonoma 14.7 or Sequoia 15.
3. Restart the system when prompted.

🔧 Temporary Workarounds

Avoid untrusted video files

Applies to: all

Do not open video files from untrusted sources until systems are patched.

🧯 If You Can't Patch

  • Implement application control to restrict video file processing from untrusted sources.
  • Use network filtering to block video file downloads from untrusted websites.

🔍 How to Verify

Check if Vulnerable:

Check macOS version: if running macOS Sonoma earlier than 14.7 or Sequoia earlier than 15, the system is vulnerable.

Check Version:

sw_vers

Verify Fix Applied:

Verify macOS version is Sonoma 14.7 or Sequoia 15 or later.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs related to video processing components
  • Unexpected termination of applications handling video files

Network Indicators:

  • Downloads of video files from suspicious sources

SIEM Query:

source="application.log" AND (event="crash" OR event="terminated") AND process="*video*"
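For environments without a SIEM, the same filter can be applied to exported crash-event logs with standard tools. The following is an added example, not part of the advisory: it implements the query above in awk over key=value log lines, keeping events whose type is `crash` or `terminated` and whose process name contains "video" (case-insensitive). The log format, the process names and the sample lines are constructed for the example; real crash-report formats will need the field extraction adjusted.

```shell
#!/bin/sh
# Added example, not from the advisory: filter key=value log lines for
# crash/terminated events from video-related processes, mirroring the
# SIEM query in the advisory.

# Writes constructed sample log lines to the file named in $1.
# Process names and hosts here are invented for the example.
write_sample_log() {
    cat > "$1" <<'EOF'
2024-09-16T10:02:11Z host=mac01 process=VideoPlayerApp event=crash signal=SIGSEGV
2024-09-16T10:02:15Z host=mac01 process=Safari event=started
2024-09-16T10:03:40Z host=mac02 process=videoconverter event=terminated reason=unexpected
2024-09-16T10:04:02Z host=mac02 process=Mail event=crash signal=SIGABRT
2024-09-16T10:05:00Z host=mac03 process=VideoEncoderHelper event=started
EOF
}

# Prints every line from log file $1 whose event is crash or terminated
# and whose process name contains "video" (case-insensitive).
video_crash_events() {
    awk '
    {
        ev = ""; proc = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^event=/)   { ev = substr($i, 7) }
            if ($i ~ /^process=/) { proc = tolower(substr($i, 9)) }
        }
        if ((ev == "crash" || ev == "terminated") && index(proc, "video") > 0) print
    }' "$1"
}

# Prints the number of matching lines in log file $1.
count_video_crash_events() {
    video_crash_events "$1" | wc -l | tr -d ' '
}
```

A sudden rise in the count across hosts, concentrated on processes that decode video, is the signal worth investigating; a single crash is more often a benign bug than anything else.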
