CVE-2024-54522 – This vulnerability allows malicious application... (How to Fix)

Q: What is the severity of CVE-2024-54522?

CVE-2024-54522 has a CVSS score of 7.8 (HIGH). This vulnerability allows malicious applications to corrupt coprocessor memory on Apple devices due to insufficient bounds checking. It affects macOS, iOS, iPadOS, watchOS, and tvOS systems running vulnerable versions. Successful exploitation could lead to arbitrary code execution or system instability.

📋 TL;DR

This vulnerability allows malicious applications to corrupt coprocessor memory on Apple devices due to insufficient bounds checking. It affects macOS, iOS, iPadOS, watchOS, and tvOS systems running vulnerable versions. Successful exploitation could lead to arbitrary code execution or system instability.

💻 Affected Systems

Products:

macOS
iOS
iPadOS
watchOS
tvOS

Versions: Versions prior to macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2, and iPadOS 18.2

Operating Systems: macOS, iOS, iPadOS, watchOS, tvOS

Default Config Vulnerable: ⚠️ Yes

Notes: All default configurations of affected Apple operating systems are vulnerable. The vulnerability requires a malicious app to be installed and executed.

📦 What is this software?

Ipados by Apple

View all CVEs affecting Ipados →

Iphone Os by Apple

View all CVEs affecting Iphone Os →

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

Tvos by Apple

View all CVEs affecting Tvos →

Watchos by Apple

View all CVEs affecting Watchos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with kernel-level privileges, allowing attackers to execute arbitrary code, steal sensitive data, or create persistent backdoors.

🟠

Likely Case

Application crashes, system instability, or limited data corruption within the affected app's context.

🟢

If Mitigated

Minimal impact with proper application sandboxing and security controls limiting memory access.

🌐 Internet-Facing: LOW

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires a malicious application to be installed and executed on the target device. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2, iPadOS 18.2

Vendor Advisory: https://support.apple.com/en-us/121837

Restart Required: Yes

Instructions:

1. Open Settings/System Preferences. 2. Navigate to Software Update. 3. Download and install the latest available update. 4. Restart the device when prompted.

🔧 Temporary Workarounds

Application Restriction

all

Restrict installation of untrusted applications through MDM or parental controls

🧯 If You Can't Patch

Implement strict application allowlisting policies
Deploy network segmentation to isolate vulnerable devices

🔍 How to Verify

Check if Vulnerable:

Check the operating system version against affected versions listed in the advisory

Check Version:

On macOS: sw_vers -productVersion. On iOS/iPadOS: Settings > General > About > Version

Verify Fix Applied:

Verify the operating system version matches or exceeds the patched versions

📡 Detection & Monitoring

Log Indicators:

Unexpected application crashes
Kernel panic logs
Memory access violation errors

Network Indicators:

Unusual outbound connections from Apple devices
Traffic to known malicious domains

SIEM Query:

source="apple_system_logs" AND (event="kernel_panic" OR event="memory_corruption")

📊 Metadata

CVE ID: CVE-2024-54522

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-787

EPSS Score: 0.1% exploit probability (27.9th percentile)

Published: January 27, 2025

Last Updated: February 6, 2025

🔗 References

https://support.apple.com/en-us/121837 Release Notes
https://support.apple.com/en-us/121839 Release Notes
https://support.apple.com/en-us/121843 Release Notes
https://support.apple.com/en-us/121844 Release Notes

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-54522, you might also want to check these: