CVE-2024-54522
Published: 27 January 2025
Summary
CVE-2024-54522 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple Ipados. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 17.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-16 implements memory protection safeguards such as address space layout randomization and non-executable memory to prevent out-of-bounds writes that corrupt coprocessor memory.
SI-10 mandates validation of inputs including bounds checks to block memory corruption from insufficient checks in app interactions with coprocessor memory.
SI-2 requires identification and patching of flaws like this bounds check vulnerability, ensuring systems are updated to fixed Apple versions.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local out-of-bounds write in Apple OS kernels/coprocessors directly enables privilege escalation from a low-privileged app process.
NVD Description
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
Deeper analysisAI
CVE-2024-54522 is a memory corruption vulnerability stemming from insufficient bounds checks, classified as CWE-787 (Out-of-bounds Write). It affects Apple's iOS prior to version 18.2, iPadOS prior to 18.2, macOS Sequoia prior to 15.2, tvOS prior to 18.2, and watchOS prior to 11.2. The flaw allows an app to corrupt coprocessor memory, with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The vulnerability was published on 2025-01-27.
A local attacker with low privileges, such as one running a malicious app on the device, can exploit this issue with low complexity and no user interaction required. Successful exploitation enables corruption of coprocessor memory, resulting in high impacts to confidentiality, integrity, and availability.
Apple's security advisories confirm the issue was fixed with improved bounds checks in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, and watchOS 11.2. Mitigation involves updating affected devices to these versions or later, as detailed in the following support pages: https://support.apple.com/en-us/121837, https://support.apple.com/en-us/121839, https://support.apple.com/en-us/121843, and https://support.apple.com/en-us/121844.
Details
- CWE(s)