Apple macOS 14.x (Sonoma) Arbitrary Code Exec via Web Content (CVE-2024-23209)
CVE-2024-23209 Published on January 23, 2024

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3. Processing web content may lead to arbitrary code execution.

NVD

Vulnerability Analysis

CVE-2024-23209 can be exploited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Products Associated with CVE-2024-23209

Want to know whenever a new CVE is published for Apple macOS? stack.watch will email you.

Apple macOS

Affected Versions

Apple macOS:

Version unspecified and below 14.3 is affected.

Exploit Probability

EPSS

0.42%

Percentile

61.40%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Apple macOS 14.x (Sonoma) Arbitrary Code Exec via Web Content (CVE-2024-23209)CVE-2024-23209 Published on January 23, 2024

Vulnerability Analysis

Products Associated with CVE-2024-23209

Affected Versions

Exploit Probability

Apple macOS 14.x (Sonoma) Arbitrary Code Exec via Web Content (CVE-2024-23209)
CVE-2024-23209 Published on January 23, 2024