CVERadar

CVE-2024-44309

High Severity
SVRS: 40/100
CVSSv3: NA/10
EPSS: 0.00237/1

CVE-2024-44309 is a cross-site scripting (XSS) vulnerability affecting Apple products. This cookie management issue can be exploited through maliciously crafted web content, potentially leading to unauthorized script execution. The vulnerability is addressed in various Apple updates, including Safari 18.1.1, iOS 17.7.2 and later, and macOS Sequoia 15.1.1. Although the SVRS score is 40, indicating a medium risk, the "In The Wild" and "Exploit Available" tags, along with the CISA KEV designation, highlight the urgency of patching this vulnerability. Apple is aware of reports suggesting active exploitation on Intel-based Mac systems. The risk associated with CVE-2024-44309 is significant due to the potential for attackers to inject malicious scripts, compromising user data and system integrity.

In The Wild
CISA KEV
Exploit Available
2024-11-20

SOCRadar AI Insight

Description

CVE-2024-44309 describes a cross-site scripting (XSS) vulnerability in Safari, iOS, iPadOS, macOS, and visionOS. The issue stems from a flaw in cookie management, where malicious web content could potentially exploit a lack of proper state management to execute arbitrary scripts in the context of the affected browser or operating system.

SVRS: 44 indicates that this vulnerability is moderate in severity and requires attention. While the CVSS score is 0, the SVRS considers factors such as exploitation in the wild and threat actor activity, providing a more nuanced assessment.

Key Insights

  • Active Exploitation: Apple confirms this vulnerability has been actively exploited in the wild, specifically on Intel-based Mac systems. This underscores the urgency of addressing the issue.
  • Cross-Site Scripting (XSS): The vulnerability allows attackers to inject malicious scripts into trusted websites, potentially stealing sensitive information, hijacking user sessions, or executing arbitrary code within the user's context.
  • Wide Impact: The vulnerability affects a wide range of Apple products, including Safari browsers on macOS, iOS, and iPadOS, as well as the visionOS operating system. This broad impact necessitates swift remediation across all affected platforms.
  • Threat Actor Activity: While specific threat actors haven't been publicly named, the acknowledgment of exploitation in the wild indicates that malicious actors are actively targeting this vulnerability.

Mitigation Strategies

  • Update Affected Software: Immediately update all Apple devices to the latest versions of Safari, iOS, iPadOS, macOS, and visionOS. These updates include the necessary patches to address CVE-2024-44309.
  • Implement Web Application Firewalls (WAFs): WAFs can help mitigate XSS attacks by filtering and blocking malicious script injections within web traffic.
  • User Training: Educate users about the risks of clicking on suspicious links and downloading files from untrusted sources. This can help prevent them from unknowingly visiting websites containing malicious scripts.
  • Security Monitoring: Actively monitor for signs of potential compromise, such as unusual user activity, unauthorized access, or suspicious network traffic.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title: Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability
Software Link: https://www.cisa.gov/search?g=CVE-2024-44309
Date: 2024-11-21

News

1.838
fortiguard.com, 2025-04-18
1.838 | Newly Added (101): Security Vulnerability fixed in Thunderbird 128.9.2; Security Vulnerability fixed in Firefox 137.0.2; Oracle MySQL CVE-2024-13176 Vulnerability; Oracle JDK CVE-2024-27856 Code Injection Vulnerability
CVE-2024-44309 | Apple visionOS on Intel Cookie cross site scripting (Nessus ID 211691)
vuldb.com, 2025-02-24
A vulnerability was found in Apple visionOS on Intel. It has been rated as critical. This issue affects some unknown processing of the component Cookie Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-44309. The attack may be initiated remotely. Furthermore, there
CVE-2024-44309 | Apple iOS/iPadOS on Intel Cookie cross site scripting (Nessus ID 211691)
vuldb.com, 2025-02-24
A vulnerability was found in Apple iOS and iPadOS on Intel. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-44309. The attack can be initiated remotely. Furthermore, there is
25th November – Threat Intelligence Report
lorenf (checkpoint.com), 2025-02-01
For the latest discoveries in cyber research for the week of 25th November, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES: The Library of Congress, part of the US Capitol complex and home to the world's largest media collection, was hacked by a foreign adversary, exposing email communications between Library staff and congressional […]
Data Breaches Digest - Week 47 2024
Dunkie ([email protected]) (dbdigest.com), 2025-02-01
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 18th November and 24th November 2024. 24th November
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA (us-cert.gov), 2024-12-17
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability; CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (https://www.cve.org/CVERecord?id=CVE-2024-44309)
Weekly Cybersecurity Summary: 18 November – 24 November
Görkem Hınçer (siberguvenlik.web.tr), 2024-12-02
In the cybersecurity world we often hear terms such as "state-sponsored attacks" and "critical vulnerabilities". But do we really know what goes on behind those terms? This week's headline cybersecurity news is not just about the hackers in the headlines; it shows how digital risks shape our lives. Attacks on telecom networks are not only about stealing data; they are also a show of force. Hackers aim to take control of these networks, which sit at the centre of both our personal and commercial lives. Critical security flaws in software (CVEs), meanwhile, are more than just numbers; everyday

Social Media

  • New post from https://t.co/uXvPWJy6tj (CVE-2024-44309 | Apple Safari on Intel Cookie cross site scripting (Nessus ID 211691)) has been published on https://t.co/M3JTGjpXC6
  • 1/9 🚨 @Apple patches urgent zero-days in macOS & iOS. CVE-2024-44308 & CVE-2024-44309 under attack! #AppleSecurity #ZeroDayThreat #CyberAlert
  • The other vulnerability is tracked as CVE-2024-44309, and when exploited, allows cross-site scripting attacks
  • Apple released patches for 2 zero-day vuln's in macOS & iOS. Both bugs, linked to processing malicious web content, have been exploited on Intel-based Macs. CVE-2024-44308 allows arbitrary code execution via JavaScriptCore & CVE-2024-44309 enables XSS through WebKit.
  • #Apple released emergency #security updates to fix two #zeroday #vulnerabilities (CVE-2024-44308 & CVE-2024-44309) that were exploited in attacks on #Intel-based #Mac systems. #Cybersecurity #infosec https://t.co/LRA5kMGiPA https://t.co/DOa0UKDhZf
  • @Crypto_TownHall Don't underestimate the threat; CVE-2024-44308 and CVE-2024-44309 are serious vulnerabilities. Keep your devices secure ⚠️
  • 🛡️ We added #Oracle #AgilePLM & #Apple vulnerabilities, CVE-2024-21287, CVE-2024-44308, & CVE-2024-44309, to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/XFxmHEvTWB
  • CISACyber RT: 🛡️ We added #Oracle #AgilePLM & #Apple vulnerabilities, CVE-2024-21287, CVE-2024-44308, & CVE-2024-44309, to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/bLjkLHuWBi & apply mitigations to protect your org from cyberatt… https://t.co/Dy36aQebat
  • Apple Urgently Patches Actively Exploited Zero-Days. Though information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309. https://t.co/pntYNA29KO
  • Apple fixes 2 #zerodays exploited to breach #macOS systems (CVE-2024-44309, CVE-2024-44308): https://t.co/XoHI2Q4BSj #cybersecurity

Affected Software

No affected software found for this CVE

References

Reference | Link
[email protected] | https://support.apple.com/en-us/121752
[email protected] | https://support.apple.com/en-us/121753
[email protected] | https://support.apple.com/en-us/121754
[email protected] | https://support.apple.com/en-us/121755
[email protected] | https://support.apple.com/en-us/121756

CWE Details

No CWE details found for this CVE
