CVE-2024-27804: An app may be able to cause unexpected system termination in Apple iOS and iPadOS
CVE-2024-27804 is a high-severity vulnerability affecting Apple iOS, iPadOS, and macOS Sonoma that allows a local app to cause unexpected system termination due to improper memory handling. The issue was addressed by Apple with improved memory management in iOS 17. 5, iPadOS 17. 5, and macOS Sonoma 14. 5. This vulnerability does not require user interaction or privileges but has a high attack complexity. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
CVE-2024-27804 is a vulnerability in Apple’s operating systems (iOS, iPadOS, macOS Sonoma) where an app may trigger unexpected system termination through improper memory handling. The flaw was mitigated by Apple in the 17.5 releases of iOS and iPadOS and macOS Sonoma 14.5 by improving memory management. The CVSS 3.1 score is 8.1 (high), reflecting local attack vector with high complexity but no privileges or user interaction required, and impacts confidentiality, integrity, and availability. The vendor advisory confirms the fix is included in these OS versions.
Potential Impact
An attacker with local access to a vulnerable device could cause the system to terminate unexpectedly, potentially leading to denial of service or disruption of normal device operation. The vulnerability affects confidentiality, integrity, and availability as per the CVSS vector, but no active exploitation has been observed in the wild.
Mitigation Recommendations
Apple has released official patches addressing this vulnerability in iOS 17.5, iPadOS 17.5, and macOS Sonoma 14.5. Users and administrators should update affected devices to these versions or later to remediate the issue. No additional mitigation actions are required beyond applying the official updates.
CVE-2024-27804: An app may be able to cause unexpected system termination in Apple iOS and iPadOS
Description
CVE-2024-27804 is a high-severity vulnerability affecting Apple iOS, iPadOS, and macOS Sonoma that allows a local app to cause unexpected system termination due to improper memory handling. The issue was addressed by Apple with improved memory management in iOS 17. 5, iPadOS 17. 5, and macOS Sonoma 14. 5. This vulnerability does not require user interaction or privileges but has a high attack complexity. No known exploits are reported in the wild at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-27804 is a vulnerability in Apple’s operating systems (iOS, iPadOS, macOS Sonoma) where an app may trigger unexpected system termination through improper memory handling. The flaw was mitigated by Apple in the 17.5 releases of iOS and iPadOS and macOS Sonoma 14.5 by improving memory management. The CVSS 3.1 score is 8.1 (high), reflecting local attack vector with high complexity but no privileges or user interaction required, and impacts confidentiality, integrity, and availability. The vendor advisory confirms the fix is included in these OS versions.
Potential Impact
An attacker with local access to a vulnerable device could cause the system to terminate unexpectedly, potentially leading to denial of service or disruption of normal device operation. The vulnerability affects confidentiality, integrity, and availability as per the CVSS vector, but no active exploitation has been observed in the wild.
Mitigation Recommendations
Apple has released official patches addressing this vulnerability in iOS 17.5, iPadOS 17.5, and macOS Sonoma 14.5. Users and administrators should update affected devices to these versions or later to remediate the issue. No additional mitigation actions are required beyond applying the official updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2024-02-26T15:32:28.517Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69ceb81fe6bfc5ba1df6e55e
Added to database: 4/2/2026, 6:40:31 PM
Last enriched: 4/9/2026, 11:12:20 PM
Last updated: 5/20/2026, 1:40:13 AM
Views: 26
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.