Apple Vulnerabilities List

Discover past and present critical vulnerabilities in Apple products to enhance your security awareness.

Understanding Apple Device Vulnerabilities

Explore the critical vulnerabilities in Apple's iOS and how they impact users. Stay informed about security risks and learn how to protect your devices effectively. Many devices on the market contain vulnerabilities, and Apple is no exception.


1500+

3+

Trusted Sources

Vulnerabilities over time

iOS vulnerabilities are vast, like the ocean.

Apple Inc. iOS Vulnerabilities Enabling Arbitrary Code Execution (With Potential to Enable Full Device Takeover + Data Leak)

Last Updated: 11/28/14
Below is a chronological list of notable vulnerabilities of various types in Apple Inc.'s product ecosystem that enable arbitrary code execution.
These vulnerabilities, once exploited, can allow an attacker to execute code on a device with user-level or even root-level privileges, bypassing iOS security measures.
The list includes descriptions, CVE identifiers (when available), affected versions, and other relevant details for each entry. One example of such an attack is the theft of all the data stored on your phone.

Current:
SEVERE WARNING (Mac ACE attacks): https://techcrunch.com/2024/11/19/apple-says-mac-users-targeted-in-zero-day-cyberattacks/


https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2024-121 (iOS 17.x and prior)

1. CVE-2007-3743 (iOS 1.0)

  • Date Discovered: 2007

  • Affected Versions: iOS 1.0 (iPhone OS 1.0)

  • Vulnerability Type: Buffer Overflow

  • Details: Buffer overflow vulnerability in Safari that allowed remote code execution via a crafted webpage.

  • Fix: Patched in subsequent iOS updates.

  • Source: CVE-2007-3743

    CVE-2007-3753

    Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a denial of service (application termination) and execute arbitrary code via crafted Service Discovery Protocol (SDP) packets, related to insufficient input validation.


2. CVE-ID: CVE-2009-2206 (iOS 3.x)

  • Available for: iPhone OS 1.0 through 3.0.1, iPhone OS for iPod touch 1.1 through 3.0

  • Impact: Opening a maliciously crafted AAC or MP3 file may lead to an unexpected application termination or arbitrary code execution

  • Description: A heap buffer overflow exists in the handling of AAC and MP3 files. Opening a maliciously crafted AAC or MP3 file may lead to an unexpected application termination or arbitrary code execution.

  • Date Discovered: 2009

  • Affected Versions: iOS 3.x (iPhone OS 3.0, 3.1)

  • Vulnerability Type: Buffer Overflow

  • Fix: Patched

  • Source: CVE-2009-0071

3. CVE-2011-0164

  • Date Discovered: 2011

  • Affected Versions: iTunes 10.2 with Windows

  • Vulnerability Type: Stack Buffer Overflow

  • Details: Buffer overflow in WebKit that could lead to remote code execution via a specially crafted web page.

  • Fix: Patched in iOS 4.3.1.

  • Source: CVE-2011-0164

4. CVE-2014-4451 (iOS 7.x)

  • Date Discovered: 2014

  • Affected Versions: Before iOS 8.1.1

  • Vulnerability Type: Device Access

  • Details: The OS does not properly enforce passcode limits, allowing an attacker to break into the phone much more easily.

  • Fix: Patched in iOS 8.1.1

  • Source: Apple Security Update - CVE-2014-4451

5. CVE-2015-1130 Apple OS X

  • Date Discovered: 2015

  • Vulnerability Type: Privilege Escalation into ACE

  • Details: The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.

  • Fix: Patched

  • Source: Apple Security Update - CVE-2015-1130

6. CVE-2016-4655 (iOS 9.x)

  • Date Discovered: 2016

  • Affected Versions: iOS Before 9.3.5

  • Vulnerability Type: Data Leak

  • Details: The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.

  • Fix: Patched

  • Source: Apple Security Update - CVE-2016-4655

7. CVE-2017-7055 (iOS 10.x)

  • Date Discovered: 2017

  • Affected Versions: iOS 10.0 - 10.3.3

  • Vulnerability Type: Memory Corruption

  • Details: A WebKit memory corruption vulnerability that allowed arbitrary code execution via malicious web content.

  • Fix: Patched in

  • Source: https://www.cisa.gov/news-events/bulletins/sb17-205

8. CVE-2018-4087

  • Date Discovered: 2018

  • An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.


9. CVE-2020-9859

  • Details: A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.

  • Source: https://nvd.nist.gov/vuln/detail/CVE-2020-9859

11. CVE-2022-32917 (iOS 15.x)

  • Date Discovered: 2022

  • Details: The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

  • Fix: Patched

  • Source: https://nvd.nist.gov/vuln/detail/CVE-2022-32917

12. CVE-2023-27997 (iOS 16.x)

  • Date Discovered: 2023

  • Affected Versions: iOS 16.0 - 16.2

  • Vulnerability Type: Kernel Vulnerability

  • Details: A kernel vulnerability that allowed attackers to execute arbitrary code with elevated privileges, leading to full system compromise.

  • Source:

Conclusion

Throughout the years, Apple has made substantial progress in strengthening iOS security by implementing more advanced protections, including code signing, the Secure Enclave, App Sandbox, and more. However, vulnerabilities enabling arbitrary code execution still emerge, particularly in system components like WebKit and the iOS kernel. As these vulnerabilities have the potential to be exploited in targeted attacks, Apple has consistently worked to patch them in a timely manner. Regular updates and security patches remain crucial to protecting iOS devices from malicious exploits. Despite this, Apple has advertised and portrayed a powerfully secure device to the general public and especially their users.

Below are sources for various additional vulnerabilities on various Apple products, all high severity.

https://www.tomsguide.com/computing/macbooks/unpatchable-vulnerability-discovered-in-apple-m1-m2-and-m3-chips-what-you-need-to-know

https://www.tomsguide.com/news/new-ileakage-attack-can-steal-your-emails-and-passwords-on-iphones-and-macs-how-to-stay-safe

https://9to5mac.com/2024/03/22/unpatchable-security-flaw-mac/

https://techwireasia.com/2023/08/checking-apple-products-are-they-really-impenetrable/

https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/

Apple published article: https://support.apple.com/en-gb/100100
About the security content of iOS 18.1 and iPadOS 18.1

Released October 28, 2024

Accessibility

Available for: iPhone XS and later

Impact: An attacker with physical access to a locked device may be able to view sensitive user information

Description: The issue was addressed with improved authentication.

CVE-2024-44274: Rizki Maulana (rmrizki.my.id), Matthew Butler, Jake Derouin

App Support

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: A malicious app may be able to run arbitrary shortcuts without user consent

Description: A path handling issue was addressed with improved logic.

CVE-2024-44255: an anonymous researcher

AppleAVD

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Parsing a maliciously crafted video file may lead to unexpected system termination

Description: The issue was addressed with improved bounds checks.

CVE-2024-44232: Ivan Fratric of Google Project Zero

CVE-2024-44233: Ivan Fratric of Google Project Zero

CVE-2024-44234: Ivan Fratric of Google Project Zero

Entry added November 1, 2024

CoreMedia Playback

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: A malicious app may be able to access private information

Description: This issue was addressed with improved handling of symlinks.

CVE-2024-44273: pattern-f (@pattern_F_), Hikerell of Loadshine Lab

CoreText

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Processing a maliciously crafted font may result in the disclosure of process memory

Description: The issue was addressed with improved checks.

CVE-2024-44240: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

CVE-2024-44302: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Foundation

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Parsing a file may lead to disclosure of user information

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2024-44282: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

ImageIO

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Processing an image may result in disclosure of process memory

Description: This issue was addressed with improved checks.

CVE-2024-44215: Junsung Lee working with Trend Micro Zero Day Initiative

ImageIO

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Processing a maliciously crafted message may lead to a denial-of-service

Description: The issue was addressed with improved bounds checks.

CVE-2024-44297: Jex Amro

IOSurface

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to cause unexpected system termination or corrupt kernel memory

Description: A use-after-free issue was addressed with improved memory management.

CVE-2024-44285: an anonymous researcher

iTunes

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: A remote attacker may be able to break out of Web Content sandbox

Description: A custom URL scheme handling issue was addressed with improved input validation.

CVE-2024-40867: Ziyi Zhou (@Shanghai Jiao Tong University), Tianxiao Hou (@Shanghai Jiao Tong University)

Kernel

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to leak sensitive kernel state

Description: An information disclosure issue was addressed with improved private data redaction for log entries.

CVE-2024-44239: Mateusz Krzywicki (@krzywix)

Managed Configuration

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Restoring a maliciously crafted backup file may lead to modification of protected system files

Description: This issue was addressed with improved handling of symlinks.

CVE-2024-44258: Hichem Maloufi, Christian Mina, Ismail Amzdak

MobileBackup

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Restoring a maliciously crafted backup file may lead to modification of protected system files

Description: A logic issue was addressed with improved file handling.

CVE-2024-44252: Nimrat Khalsa, Davis Dai, James Gill (@jjtech@infosec.exchange)

Pro Res

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to cause unexpected system termination or corrupt kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2024-44277: an anonymous researcher and Yinyi Wu(@_3ndy1) from Dawn Security Lab of JD.com, Inc.

Safari Downloads

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An attacker may be able to misuse a trust relationship to download malicious content

Description: This issue was addressed through improved state management.

CVE-2024-44259: Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)

Safari Private Browsing

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Private browsing may leak some browsing history

Description: An information leakage was addressed with additional validation.

CVE-2024-44229: Lucas Di Tomase

SceneKit

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Processing a maliciously crafted file may lead to heap corruption

Description: This issue was addressed with improved checks.

CVE-2024-44218: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

Shortcuts

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to access sensitive user data

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-44254: Kirin (@Pwnrin)

Shortcuts

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: A malicious app may use shortcuts to access restricted files

Description: A logic issue was addressed with improved checks.

CVE-2024-44269: an anonymous researcher

Siri

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to access sensitive user data

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-44194: Rodolphe Brunetti (@eisw0lf)

Siri

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An attacker with physical access may be able to access contact photos from the lock screen

Description: This issue was addressed by restricting options offered on a locked device.

CVE-2024-40851: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India, Srijan Poudel

Siri

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to access user-sensitive data

Description: A logic issue was addressed with improved state management.

CVE-2024-44263: Kirin (@Pwnrin) and 7feilee

Siri

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: A sandboxed app may be able to access sensitive user data in system logs

Description: An information disclosure issue was addressed with improved private data redaction for log entries.

CVE-2024-44278: Kirin (@Pwnrin)

Spotlight

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An attacker may be able to view restricted content from the lock screen

Description: This issue was addressed through improved state management.

CVE-2024-44251: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India

Spotlight

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An attacker may be able to view restricted content from the lock screen

Description: The issue was addressed with improved checks.

CVE-2024-44235: Rizki Maulana (rmrizki.my.id), Dalibor Milanovic, Richard Hyunho Im (@richeeta) with Route Zero Security

VoiceOver

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An attacker may be able to view restricted content from the lock screen

Description: This issue was addressed by restricting options offered on a locked device.

CVE-2024-44261: Braylon (@softwarescool)

WebKit

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

Description: The issue was addressed with improved checks.

WebKit Bugzilla: 278765

CVE-2024-44296: Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)

WebKit

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may lead to an unexpected process crash

Description: A memory corruption issue was addressed with improved input validation.

WebKit Bugzilla: 279780

CVE-2024-44244: an anonymous researcher, Q1IQ (@q1iqF) and P1umer (@p1umer)
