CVE-2024-27820: Processing web content may lead to arbitrary code execution in Apple iOS and iPadOS
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.
CVE-2024-27820: Processing web content may lead to arbitrary code execution in Apple iOS and iPadOS
Description
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2024-02-26T15:32:28.523Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 690a3b63ff58c9332ff097dc
Added to database: 11/4/2025, 5:44:03 PM
Last updated: 11/4/2025, 5:44:06 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2024-27863: A local attacker may be able to determine kernel memory layout in Apple iOS and iPadOS
MediumCVE-2024-27862: Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled in Apple macOS
MediumCVE-2024-27851: Processing maliciously crafted web content may lead to arbitrary code execution in Apple iOS and iPadOS
HighCVE-2024-27850: A maliciously crafted webpage may be able to fingerprint the user in Apple iOS and iPadOS
MediumCVE-2024-27838: A maliciously crafted webpage may be able to fingerprint the user in Apple iOS and iPadOS
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.