CVE-2024-54507
Published: 27 January 2025
Summary
CVE-2024-54507 is a medium-severity Type Confusion (CWE-843) vulnerability in Apple iPadOS. Its CVSS base score is 5.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Credential Access (T1212). The CVE ranks at the 31.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-54507 is a type confusion vulnerability addressed through improved memory handling in Apple operating systems. It affects iOS versions prior to 18.2, iPadOS versions prior to 18.2, and macOS Sequoia versions prior to 15.2. Associated with CWE-843 (Type Confusion) and CWE-125 (Out-of-bounds Read), the issue carries a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
A local attacker with user privileges can exploit this vulnerability with low attack complexity and no user interaction. Exploitation enables reading of kernel memory, providing high confidentiality impact while leaving integrity and availability unaffected.
Apple's security content advisories confirm the issue was fixed in iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2. Additional details are available at https://support.apple.com/en-us/121837 and https://support.apple.com/en-us/121839.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-52606
Vulnerability details
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An attacker with user privileges may be able to read kernel memory.
Related Threats
MITRE ATT&CK Enterprise Techniques AI
Why these techniques?
Kernel memory disclosure via local type confusion directly enables credential access through exploitation (T1212) and facilitates OS credential dumping (T1003) by exposing sensitive kernel data.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses type confusion and out-of-bounds read vulnerabilities through controls minimizing the impact of memory handling flaws that enable kernel memory disclosure.
Ensures timely remediation of known flaws like CVE-2024-54507 via patching, preventing a local user from exploiting the flaw to read kernel memory.
Enforces process isolation between user-mode and kernel-mode to limit unauthorized access to kernel memory even if type confusion occurs.