CVE-2024-54499
Published: 27 January 2025
Summary
CVE-2024-54499 is a high-severity Use After Free (CWE-416) vulnerability in Apple Ipados. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 47.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mandates timely patching of the use-after-free vulnerability fixed in iOS 18.2 and equivalent updates across Apple platforms.
Implements memory safety mechanisms such as address space layout randomization and stack canaries that mitigate use-after-free exploits during image processing.
Requires validation of image inputs to reject or sanitize maliciously crafted files that trigger the use-after-free vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Use-after-free in image processing enables client-side RCE via malicious image file requiring user interaction.
NVD Description
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing a maliciously crafted image may lead to arbitrary code execution.
Deeper analysisAI
CVE-2024-54499 is a use-after-free vulnerability (CWE-416) addressed through improved memory management in Apple's operating systems. It affects iOS prior to version 18.2, iPadOS prior to 18.2, macOS Sequoia prior to 15.2, tvOS prior to 18.2, visionOS prior to 2.2, and watchOS prior to 11.2. The issue arises during processing of images, potentially allowing arbitrary code execution.
With a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), the vulnerability can be exploited remotely by an unauthenticated attacker with low complexity. Exploitation requires user interaction, such as opening or viewing a maliciously crafted image, which could lead to full compromise of confidentiality, integrity, and availability through arbitrary code execution in the context of the image processing component.
Apple's security advisories confirm the issue was fixed in the listed software updates, recommending immediate patching to iOS 18.2 and equivalents across affected platforms. Detailed information is available in advisories at https://support.apple.com/en-us/121837, https://support.apple.com/en-us/121839, https://support.apple.com/en-us/121843, https://support.apple.com/en-us/121844, and https://support.apple.com/en-us/121845.
Details
- CWE(s)