Cyber Resilience

CVE-2024-44142

Severity: High
Published: 30 January 2025
Modified: 18 March 2025
KEV Added: not listed
Patch: available
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0008 (22.9th percentile)
Risk Priority: 16 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-44142 is a high-severity vulnerability in Apple GarageBand whose weakness type (CWE) is unspecified. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE is ranked at the 22.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2024-44142 is a vulnerability addressed through improved bounds checks in GarageBand. It affects GarageBand versions prior to 10.4.12, where processing a maliciously crafted image may lead to arbitrary code execution.

The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A local attacker with no privileges can exploit it via low-complexity means that require user interaction, such as convincing a user to process the malicious image in GarageBand, potentially achieving arbitrary code execution with high impacts on confidentiality, integrity, and availability.

Apple's advisory confirms the issue is fixed in GarageBand 10.4.12. Additional details are available in the Apple support page at https://support.apple.com/en-us/121866 and the Full Disclosure mailing list post at http://seclists.org/fulldisclosure/2025/Feb/2.


Vulnerability details

The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Processing a maliciously crafted image may lead to arbitrary code execution.


Related Threats

MITRE ATT&CK Enterprise Techniques

- T1203 Exploitation for Client Execution (tactic: Execution): adversaries may exploit software vulnerabilities in client applications to execute code.
- T1204.002 Malicious File (tactic: Execution): an adversary may rely upon a user opening a malicious file in order to gain execution.

Why these techniques?

Arbitrary code execution via malicious image file in client application (GarageBand) directly maps to client-side exploitation and user-assisted malicious file execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

- CVE-2026-20611 (same vendor: Apple)
- CVE-2026-20616 (same vendor: Apple)
- CVE-2024-54499 (same vendor: Apple)
- CVE-2026-28990 (same vendor: Apple)
- CVE-2025-43202 (same vendor: Apple)
- CVE-2025-43264 (same vendor: Apple)
- CVE-2024-54523 (same vendor: Apple)
- CVE-2025-24190 (same vendor: Apple)
- CVE-2026-28905 (same vendor: Apple)
- CVE-2026-28941 (same vendor: Apple)

Affected Assets

Vendor: apple
Product: garageband
Versions: ≤ 10.4.12

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

- SI-2, Flaw Remediation (prevent): requires timely identification, reporting, and patching of flaws like the bounds check vulnerability in GarageBand, directly preventing exploitation by applying the fix in version 10.4.12.
- SI-10, Information Input Validation (prevent): mandates validation of input content prior to processing, directly addressing the lack of bounds checks that allowed malicious images to trigger arbitrary code execution in GarageBand.
- SI-16, Memory Protection (prevent): enforces memory protections such as address space layout randomization and non-executable memory to prevent arbitrary code execution from bounds check failures during image processing.
