Cyber Resilience

CVE-2024-44308

HighCISA KEVActive ExploitationEUVD Exploited

Published: 20 November 2024

Published
20 November 2024
Modified
03 April 2026
KEV Added
21 November 2024
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0096 77.0th percentile
Risk Priority 38 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-44308 is a high-severity an unspecified weakness vulnerability in Apple Ipados. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 23.0% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-44308 is a vulnerability in Apple's web content processing components that was addressed through improved input validation checks. It affects Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, and visionOS 2.1.1. The flaw permits arbitrary code execution when maliciously crafted web content is processed, and carries a CVSS 3.1 score of 8.8 reflecting network attack vector, low complexity, and no required privileges.

An unauthenticated remote attacker can exploit the issue by serving malicious web content that a victim visits or renders, resulting in full arbitrary code execution on the target system with impacts to confidentiality, integrity, and availability. User interaction is required in the form of processing the crafted content.

Apple security advisories for the listed products confirm that the fixes are delivered via the updated releases and note that the issue may have been actively exploited in the wild against Intel-based Mac systems. The EPSS score rose from a low starting value to a recorded peak of 0.0186, indicating emerging post-disclosure exploitation interest that warrants renewed attention.

EU & UK References

Vulnerability details

The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution.…

more

Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

CWE(s)
KEV Date Added
21 November 2024

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

debian
debian linux
11.0
apple
safari
≤ 18.1.1
apple
ipados
≤ 17.7.2 · 18.0 — 18.1.1
apple
iphone os
≤ 17.7.2 · 18.0 — 18.1.1
apple
macos
15.0 — 15.1.1
apple
visionos
≤ 2.1.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the root cause by enforcing improved validation of untrusted web content before processing.

prevent

Requires prompt application of the vendor patches that remediate the input-validation flaw in Safari and related components.

preventdetect

Provides malicious-code detection and blocking mechanisms that can intercept exploitation attempts via crafted web content.

References