CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-44259

Medium Severity
SVRS
30/100
CVSSv3
NA/10
EPSS
0.00077/1

CVE-2024-44259 allows attackers to misuse trust relationships to download malicious content. This issue is resolved in several Apple operating systems.

CVE-2024-44259 is a vulnerability affecting iOS, iPadOS, macOS, and visionOS, potentially allowing an attacker to bypass security measures. The flaw stems from improper state management during the download process. Successful exploitation could enable the download and execution of malicious code. While the CVSS score is 0, SOCRadar's Vulnerability Risk Score (SVRS) is 30. Although not critical (above 80), it's crucial to update to the patched versions (iOS 17.7.1, iPadOS 17.7.1, visionOS 2.1, iOS 18.1, iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1) to mitigate risks.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2024-10-28
LAST MODIFIED2024-10-29

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-44259 | Apple iOS/iPadOS state issue (Nessus ID 211696)
vuldb.com2025-03-02
CVE-2024-44259 | Apple iOS/iPadOS state issue (Nessus ID 211696) | A vulnerability classified as problematic was found in Apple iOS and iPadOS. This vulnerability affects unknown code. The manipulation leads to state issue. This vulnerability was named CVE-2024-44259. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com
rss
forum
news
CVE-2024-44259 | Apple visionOS state issue (Nessus ID 211696)
vuldb.com2025-03-02
CVE-2024-44259 | Apple visionOS state issue (Nessus ID 211696) | A vulnerability classified as problematic has been found in Apple visionOS. This affects an unknown part. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2024-44259. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com
rss
forum
news
Apple visionOS 2.1 Released with Fix for Multiple Security Vulnerabilities - CybersecurityNews
2024-10-29
Apple visionOS 2.1 Released with Fix for Multiple Security Vulnerabilities - CybersecurityNews | News Content: Apple has recently rolled out the visionOS 2.1 update for its Apple Vision Pro mixed reality headset, addressing many critical security vulnerabilities that could have significant implications for user privacy and device integrity. The update includes fixes for over 25 security issues that could allow malicious actors to execute arbitrary code, access sensitive data, or cause system crashes. Among the most significant vulnerabilities patched is a kernel memory corruption issue that could enable apps to cause unexpected system termination or corrupt kernel memory. The update also addresses
google.com
rss
forum
news
Apple Vision Pro Vulnerabilities Addressed in visionOS 2.1 - The Cyber Express
2024-10-29
Apple Vision Pro Vulnerabilities Addressed in visionOS 2.1 - The Cyber Express | News Content: Apple has launched the highly anticipated visionOS 2.1 update for its innovative mixed reality headset, the Apple Vision Pro. This update is particularly important as it addresses a range of Apple Vision Pro vulnerabilities that could pose serious risks to user privacy and device security. The visionOS 2.1 update incorporates solutions for over 25 identified security flaws, some of which could allow malicious actors to execute arbitrary code, access sensitive information, or even crash the system. Among the most alarming vulnerabilities fixed is a kernel memory corruption
google.com
rss
forum
news
Apple visionOS 2.1 Released with Fix for Multiple Security Vulnerabilities
Guru Baran2024-10-29
Apple visionOS 2.1 Released with Fix for Multiple Security Vulnerabilities | Apple has recently rolled out the visionOS 2.1 update for its Apple Vision Pro mixed reality headset, addressing many critical security vulnerabilities that could have significant implications for user privacy and device integrity. The update includes fixes for over 25 security issues that could allow malicious actors to execute arbitrary code, access sensitive data, or […] The post Apple visionOS 2.1 Released with Fix for Multiple Security Vulnerabilities appeared
cybersecuritynews.com
rss
forum
news
Apple Updates Everything, (Mon, Oct 28th)
2024-10-28
Apple Updates Everything, (Mon, Oct 28th) | Today, Apple released updates for all of its operating systems. These updates include new AI features. For iOS 18 users, the only upgrade path is iOS 18.1, which includes the AI features. Same for users of macOS 15 Sequoia. For older operating systems versions (iOS 17, macOS 13, and 14), patches are made available, addressing only the security issues.
Today, Apple released updates for all of its operating systems. These updates include new AI features. For iOS 18 users, the only upgrade path is
sans.edu
rss
forum
news

Social Media

Two vulnerabilities now patched of Safari and WebKit iOS 18.1 📌 CVE-2024-44259: Trust relationship misuse to download malicious content. 📌 CVE-2024-44296: Bypass of Content Security Policy (CSP) enforcement via malicious web content. Thanks to @Apple Security for their swift https://t.co/n54OMCYvOu
0
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://support.apple.com/en-us/121563
[email protected]https://support.apple.com/en-us/121566
[email protected]https://support.apple.com/en-us/121567
[email protected]https://support.apple.com/en-us/121563
[email protected]https://support.apple.com/en-us/121564
[email protected]https://support.apple.com/en-us/121566
[email protected]https://support.apple.com/en-us/121567
[email protected]https://support.apple.com/en-us/121571

CWE Details

No CWE details found for this CVE

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence