Apple Releases Fixes for Actively Exploited Zero-day Vulnerabilities (CVE-2024-44308 & CVE-2024-44309)

Apple Safari, macOS Sequoia, iOS, and iPadOS are vulnerable to two security flaws being exploited in the wild. In the advisory, Apple mentioned that they are aware of a report that the vulnerabilities have been actively exploited on Intel-based Mac systems. Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group discovered both CVE-2024-44308 and CVE-2024-44309.

Successful exploitation of the vulnerabilities may allow an attacker to execute arbitrary code on the target system.

CISA added both CVEs to its Known Exploited Vulnerabilities Catalog, acknowledging their active exploitation. CISA urged users to patch the vulnerabilities before December 12, 2024.

CVE-2024-44308

The vulnerability in JavaScriptCore may lead to arbitrary code execution when processing maliciously crafted web content. Apple addressed the vulnerability with improved checks.

CVE-2024-44309

The vulnerability in WebKit may lead to cross-site scripting when processing maliciously crafted web content. Apple addressed the vulnerability with improved state management.

Affected Products and Versions

  • iPhone XS and later
  • iPad 7th generation and later
  • iPad 6th generation and later
  • iPad Air 3rd generation and later
  • iPad mini 5th generation and later
  • iPad Pro 11-inch 1st generation and later
  • Apple Safari Versions Before Safari 18.1.1
  • Apple macOS Sequoia Versions Before 15.1.1
  • iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later
  • iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later
  • iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later 

Mitigation

Apple released the following versions to patch the vulnerabilities:

  • Safari 18.1.1
  • macOS Sequoia 15.1.1
  • iOS 17.7.2 and iPadOS 17.7.2
  • iOS 18.1.1 and iPadOS 18.1.1

For more information, please visit the Apple security advisories for Safari, macOS Sequoia, iOS, and iPadOS.
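To triage an asset inventory against the fixed releases listed above, the following added example (not part of the original advisory or any Qualys tooling) compares installed versions per major branch, so an iOS 17.x device is checked against 17.7.2 and an 18.x device against 18.1.1. The asset names, product labels, and status strings are constructed for illustration, and treating a major version newer than any listed branch as patched is an assumption.

```python
# Fixed releases from the Mitigation list, keyed by product then major version.
FIXED = {
    "safari": {18: (18, 1, 1)},
    "macos":  {15: (15, 1, 1)},
    "ios":    {17: (17, 7, 2), 18: (18, 1, 1)},
    "ipados": {17: (17, 7, 2), 18: (18, 1, 1)},
}

def parse_version(text):
    """'18.1' -> (18, 1, 0); zero-pad so '18.1' and '18.1.0' compare equal."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def patch_status(product, version):
    """Return 'patched', 'vulnerable', or 'review' for one installed version."""
    branches = FIXED.get(product.strip().lower())
    if branches is None:
        return "review"              # product not covered by this advisory
    try:
        installed = parse_version(version)
    except ValueError:
        return "review"              # unparseable version string
    fixed = branches.get(installed[0])
    if fixed is not None:
        return "patched" if installed >= fixed else "vulnerable"
    # Assumption: a major version newer than every listed branch postdates the
    # fix. Older majors have no fixed release listed on this page.
    return "patched" if installed[0] > max(branches) else "review"

# Constructed sample inventory: (asset name, product, installed version).
SAMPLE_INVENTORY = [
    ("mac-001", "macOS", "15.1"),
    ("mac-002", "macOS", "15.1.1"),
    ("phone-001", "iOS", "17.7.1"),
    ("phone-002", "iOS", "18.1.1"),
    ("tablet-001", "iPadOS", "18.0.1"),
    ("tablet-002", "iPadOS", "16.7"),
    ("mac-003", "Safari", "18.2"),
]

def triage(inventory):
    """Map each asset to its status so unpatched devices can be prioritised."""
    return {name: patch_status(product, version) for name, product, version in inventory}

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name}: {status}")
```

Assets reported as "review" run a branch for which this page lists no fixed release and need a manual check against the Apple advisories.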

Qualys Detection

Qualys customers can scan their devices with QIDs 610596, 610595, 382385, and 382382 to detect vulnerable assets.

Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.

References
https://support.apple.com/en-us/121756 
https://support.apple.com/en-us/121754 
https://support.apple.com/en-us/121753
https://support.apple.com/en-us/121752
