CVE-2024-44285 - Vulnerability Details

Vendors	Products
Apple	Ipados Iphone Os Tvos Visionos Watchos

Link	Providers
https://support.apple.com/en-us/121563
https://support.apple.com/en-us/121565
https://support.apple.com/en-us/121566
https://support.apple.com/en-us/121569

Type	Values Removed	Values Added
First Time appeared		Apple Apple ipados Apple iphone Os Apple tvos Apple visionos Apple watchos
Weaknesses		CWE-416
CPEs		cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:tvos:::::::: cpe:2.3:o:apple:visionos:::::::: cpe:2.3:o:apple:watchos::::::::
Vendors & Products		Apple Apple ipados Apple iphone Os Apple tvos Apple visionos Apple watchos
Metrics		cvssV3_1 `{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Description		A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
References		https://support.apple.com/en-us/121563 https://support.apple.com/en-us/121565 https://support.apple.com/en-us/121566 https://support.apple.com/en-us/121569

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-44285", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2024-08-20T21:45:40.795Z", "datePublished": "2024-10-28T21:08:25.159Z", "dateUpdated": "2024-10-30T13:24:49.662Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to cause unexpected system termination or corrupt kernel memory"}]}], "affected": [{"vendor": "Apple", "product": "visionOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "2.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "18.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "11.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "18.1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory."}], "references": [{"url": "https://support.apple.com/en-us/121566"}, {"url": "https://support.apple.com/en-us/121569"}, {"url": "https://support.apple.com/en-us/121565"}, {"url": "https://support.apple.com/en-us/121563"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-10-28T21:08:25.159Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-416", "lang": "en", "description": "CWE-416 Use After Free"}]}], "affected": [{"vendor": "apple", "product": "visionos", "cpes": ["cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2.1", "versionType": "custom"}]}, {"vendor": "apple", "product": "tvos", "cpes": ["cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "18.1", "versionType": "custom"}]}, {"vendor": "apple", "product": "watchos", "cpes": ["cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "11.1", "versionType": "custom"}]}, {"vendor": "apple", "product": "iphone_os", "cpes": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "18.1", "versionType": "custom"}]}, {"vendor": "apple", "product": "ipados", "cpes": ["cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "18.1", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-30T13:24:43.230780Z", "id": "CVE-2024-44285", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-30T13:24:49.662Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2024-44285 (string)

assignerOrgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

state : PUBLISHED (string)

assignerShortName : apple (string)

dateReserved : 2024-08-20T21:45:40.795Z (string)

datePublished : 2024-10-28T21:08:25.159Z (string)

dateUpdated : 2024-10-30T13:24:49.662Z (string)

}

containers : { »

cna : { »

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

description : An app may be able to cause unexpected system termination or corrupt kernel memory (string)

}

]

}

]

affected : [ »

0 : { »

vendor : Apple (string)

product : visionOS (string)

versions : [ »

0 : { »

version : unspecified (string)

status : affected (string)

lessThan : 2.1 (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : Apple (string)

product : tvOS (string)

versions : [ »

0 : { »

version : unspecified (string)

status : affected (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

}

2 : { »

vendor : Apple (string)

product : watchOS (string)

versions : [ »

0 : { »

version : unspecified (string)

status : affected (string)

lessThan : 11.1 (string)

versionType : custom (string)

}

]

}

3 : { »

vendor : Apple (string)

product : iOS and iPadOS (string)

versions : [ »

0 : { »

version : unspecified (string)

status : affected (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory. (string)

}

]

references : [ »

0 : { »

url : https://support.apple.com/en-us/121566 (string)

}

1 : { »

url : https://support.apple.com/en-us/121569 (string)

}

2 : { »

url : https://support.apple.com/en-us/121565 (string)

}

3 : { »

url : https://support.apple.com/en-us/121563 (string)

}

]

providerMetadata : { »

orgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

shortName : apple (string)

dateUpdated : 2024-10-28T21:08:25.159Z (string)

}

adp : [ »

0 : { »

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

cweId : CWE-416 (string)

lang : en (string)

description : CWE-416 Use After Free (string)

}

]

}

]

affected : [ »

0 : { »

vendor : apple (string)

product : visionos (string)

cpes : [ »

0 : cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : 2.1 (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : apple (string)

product : tvos (string)

cpes : [ »

0 : cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

}

2 : { »

vendor : apple (string)

product : watchos (string)

cpes : [ »

0 : cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : 11.1 (string)

versionType : custom (string)

}

]

}

3 : { »

vendor : apple (string)

product : iphone_os (string)

cpes : [ »

0 : cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

}

4 : { »

vendor : apple (string)

product : ipados (string)

cpes : [ »

0 : cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 8.4 (number)

attackVector : LOCAL (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : NONE (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-10-30T13:24:43.230780Z (string)

id : CVE-2024-44285 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-30T13:24:49.662Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-44285", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-30T13:24:43.230780Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "visionos", "versions": [{"status": "affected", "version": "0", "lessThan": "2.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "tvos", "versions": [{"status": "affected", "version": "0", "lessThan": "18.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "watchos", "versions": [{"status": "affected", "version": "0", "lessThan": "11.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "iphone_os", "versions": [{"status": "affected", "version": "0", "lessThan": "18.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "ipados", "versions": [{"status": "affected", "version": "0", "lessThan": "18.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-30T13:21:41.851Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "visionOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "2.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "18.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "11.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "18.1", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/121566"}, {"url": "https://support.apple.com/en-us/121569"}, {"url": "https://support.apple.com/en-us/121565"}, {"url": "https://support.apple.com/en-us/121563"}], "descriptions": [{"lang": "en", "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to cause unexpected system termination or corrupt kernel memory"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2024-10-28T21:08:25.159Z"}}}, "cveMetadata": {"cveId": "CVE-2024-44285", "state": "PUBLISHED", "dateUpdated": "2024-10-30T13:24:49.662Z", "dateReserved": "2024-08-20T21:45:40.795Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2024-10-28T21:08:25.159Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 8.4 (number)

attackVector : LOCAL (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : NONE (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-44285 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-10-30T13:24:43.230780Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* (string)

]

vendor : apple (string)

product : visionos (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : 2.1 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

1 : { »

cpes : [ »

0 : cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* (string)

]

vendor : apple (string)

product : tvos (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

2 : { »

cpes : [ »

0 : cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* (string)

]

vendor : apple (string)

product : watchos (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : 11.1 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

3 : { »

cpes : [ »

0 : cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* (string)

]

vendor : apple (string)

product : iphone_os (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

4 : { »

cpes : [ »

0 : cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* (string)

]

vendor : apple (string)

product : ipados (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-416 (string)

description : CWE-416 Use After Free (string)

}

]

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-30T13:21:41.851Z (string)

}

]

cna : { »

affected : [ »

0 : { »

vendor : Apple (string)

product : visionOS (string)

versions : [ »

0 : { »

status : affected (string)

version : unspecified (string)

lessThan : 2.1 (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : Apple (string)

product : tvOS (string)

versions : [ »

0 : { »

status : affected (string)

version : unspecified (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

}

2 : { »

vendor : Apple (string)

product : watchOS (string)

versions : [ »

0 : { »

status : affected (string)

version : unspecified (string)

lessThan : 11.1 (string)

versionType : custom (string)

}

]

}

3 : { »

vendor : Apple (string)

product : iOS and iPadOS (string)

versions : [ »

0 : { »

status : affected (string)

version : unspecified (string)

lessThan : 18.1 (string)

versionType : custom (string)

}

]

}

]

references : [ »

0 : { »

url : https://support.apple.com/en-us/121566 (string)

}

1 : { »

url : https://support.apple.com/en-us/121569 (string)

}

2 : { »

url : https://support.apple.com/en-us/121565 (string)

}

3 : { »

url : https://support.apple.com/en-us/121563 (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

description : An app may be able to cause unexpected system termination or corrupt kernel memory (string)

}

]

}

]

providerMetadata : { »

orgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

shortName : apple (string)

dateUpdated : 2024-10-28T21:08:25.159Z (string)

}

cveMetadata : { »

cveId : CVE-2024-44285 (string)

state : PUBLISHED (string)

dateUpdated : 2024-10-30T13:24:49.662Z (string)

dateReserved : 2024-08-20T21:45:40.795Z (string)

assignerOrgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

datePublished : 2024-10-28T21:08:25.159Z (string)

assignerShortName : apple (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012", "versionEndExcluding": "18.1", "versionStartIncluding": "18.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5", "versionEndExcluding": "18.1", "versionStartIncluding": "18.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB", "versionEndExcluding": "18.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", "matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80", "versionEndExcluding": "2.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1", "versionEndExcluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de use-after-free con una mejor gesti\u00f3n de la memoria. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1, watchOS 11.1, visionOS 2.1 y tvOS 18.1. Es posible que una aplicaci\u00f3n pueda provocar la finalizaci\u00f3n inesperada del sistema o da\u00f1ar la memoria del n\u00facleo."}], "id": "CVE-2024-44285", "lastModified": "2024-10-30T18:48:49.837", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-10-28T21:15:08.520", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/121563"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/121565"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/121566"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/121569"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C1AEAF56-49F9-4F1F-993C-97ECD7BDA012 (string)

versionEndExcluding : 18.1 (string)

versionStartIncluding : 18.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5 (string)

versionEndExcluding : 18.1 (string)

versionStartIncluding : 18.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5D57FCAE-9B33-4532-BC69-BC3D35719EDB (string)

versionEndExcluding : 18.1 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 15E4723D-CD2B-4486-A69C-27F843844A80 (string)

versionEndExcluding : 2.1 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1 (string)

versionEndExcluding : 11.1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory. (string)

}

1 : { »

lang : es (string)

value : Se solucionó un problema de use-after-free con una mejor gestión de la memoria. Este problema se solucionó en iOS 18.1 y iPadOS 18.1, watchOS 11.1, visionOS 2.1 y tvOS 18.1. Es posible que una aplicación pueda provocar la finalización inesperada del sistema o dañar la memoria del núcleo. (string)

}

]

id : CVE-2024-44285 (string)

lastModified : 2024-10-30T18:48:49.837 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 8.4 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 2.5 (number)

impactScore : 5.9 (number)

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

published : 2024-10-28T21:15:08.520 (string)

references : [ »

0 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/121563 (string)

}

1 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/121565 (string)

}

2 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/121566 (string)

}

3 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/121569 (string)

}

]

sourceIdentifier : product-security@apple.com (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-416 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-416 (string)

}

]

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object