CVE-2024-23222

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/HT214055	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214059	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214061	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214055	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214056	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214057	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214058	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214059	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214061	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214063	Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2024/Feb/6	Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jan/34	Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jan/40	Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/	Broken Link
https://support.apple.com/en-us/HT214055	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214059	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214061	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214055	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214056	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214057	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214058	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214059	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214061	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214063	Release Notes Vendor Advisory
https://support.apple.com/kb/HT214070	Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-23222	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::

History

05 Nov 2025, 19:16

Type	Values Removed	Values Added
First Time		Apple visionos
CPE		cpe:2.3:o:apple:visionos::::::::
References		() http://seclists.org/fulldisclosure/2024/Feb/6 - Third Party Advisory () http://seclists.org/fulldisclosure/2024/Jan/34 - Third Party Advisory () http://seclists.org/fulldisclosure/2024/Jan/40 - Third Party Advisory () https://lists.fedoraproject.org/archives/list/[email protected]/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/ - Broken Link () https://support.apple.com/kb/HT214070 - Vendor Advisory

Information

Published : 2024-01-23 01:15

Updated : 2025-11-05 19:16

NVD link : CVE-2024-23222

Mitre link : CVE-2024-23222

CVE.ORG link : CVE-2024-23222

JSON object : View

Products Affected

apple

visionos
ipados
iphone_os
tvos
macos

CWE

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

8.8 /10