CVE-2024-23278: An app may be able to break out of its sandbox in Apple tvOS
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox.
CVE-2024-23278: An app may be able to break out of its sandbox in Apple tvOS
Description
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2024-01-12T22:22:21.499Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 690a47556d939959c8022a87
Added to database: 11/4/2025, 6:35:01 PM
Last updated: 11/4/2025, 6:35:03 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2024-23277: An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard in Apple iOS and iPadOS
MediumCVE-2024-23276: An app may be able to elevate privileges in Apple macOS
HighCVE-2024-23275: An app may be able to access protected user data in Apple macOS
MediumCVE-2024-23274: An app may be able to elevate privileges in Apple macOS
HighCVE-2024-23273: Private Browsing tabs may be accessed without authentication in Apple iOS and iPadOS
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.