CVE-2024-44258: Restoring a maliciously crafted backup file may lead to modification of protected system files in Apple visionOS
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files.
CVE-2024-44258: Restoring a maliciously crafted backup file may lead to modification of protected system files in Apple visionOS
Description
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2024-08-20T21:45:40.786Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 690929a9fe7723195e0fd61a
Added to database: 11/3/2025, 10:16:09 PM
Last updated: 11/3/2025, 10:20:23 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2024-4032: Vulnerability in Python Software Foundation CPython
HighCVE-2024-40867: A remote attacker may be able to break out of Web Content sandbox in Apple iOS and iPadOS
HighCVE-2024-40866: Visiting a malicious website may lead to address bar spoofing in Apple macOS
MediumCVE-2024-40855: A sandboxed app may be able to access sensitive user data in Apple macOS
MediumCVE-2024-40851: An attacker with physical access may be able to access contact photos from the lock screen in Apple iOS and iPadOS
LowActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.