CVE-2024-27848

Exploited in the Wild

NIST CVSS Scores

CVSS v3.1 Base Score: 7.8 (High)

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA CVSS Scores

CVSS v3.1 Base Score: 7.4 (High)

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Operating Systems Impacted

macOS Sonoma (prior to 14.5)
iOS (prior to 17.5)
iPadOS (prior to 17.5)

Additional Resources

NVD CVE-2024-27848
macOS Sonoma 14.5
iOS 17.5 and iPadOS 17.5

Description

CVE-2024-27848 is a security vulnerability in Apple's operating systems that could allow a malicious app to gain root privileges. The issue was addressed by Apple through improved permissions checking in macOS Sonoma 14.5, iOS 17.5, and iPadOS 17.5.

Impact

Exploitation of this vulnerability could lead to unauthorized elevation of privileges by a malicious application. The severity of this issue has been assessed as follows: