Search for vulnerabilities
Vulnerability details: VCID-kfn2-9yvt-k7av
Vulnerability ID VCID-kfn2-9yvt-k7av
Aliases CVE-2024-54543
Summary The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption.
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54543.json
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2024-54543
cvssv3.1 8.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2024-54543
cvssv3.1 8.8 https://support.apple.com/en-us/121837
ssvc Track https://support.apple.com/en-us/121837
cvssv3.1 8.8 https://support.apple.com/en-us/121839
ssvc Track https://support.apple.com/en-us/121839
cvssv3.1 8.8 https://support.apple.com/en-us/121843
ssvc Track https://support.apple.com/en-us/121843
cvssv3.1 8.8 https://support.apple.com/en-us/121844
ssvc Track https://support.apple.com/en-us/121844
cvssv3.1 8.8 https://support.apple.com/en-us/121845
ssvc Track https://support.apple.com/en-us/121845
cvssv3.1 8.8 https://support.apple.com/en-us/121846
ssvc Track https://support.apple.com/en-us/121846
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54543.json
https://api.first.org/data/v1/epss?cve=CVE-2024-54543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54543
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
121837 https://support.apple.com/en-us/121837
121839 https://support.apple.com/en-us/121839
121843 https://support.apple.com/en-us/121843
121844 https://support.apple.com/en-us/121844
121845 https://support.apple.com/en-us/121845
121846 https://support.apple.com/en-us/121846
2344619 https://bugzilla.redhat.com/show_bug.cgi?id=2344619
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2024-54543 https://nvd.nist.gov/vuln/detail/CVE-2024-54543
RHSA-2025:10364 https://access.redhat.com/errata/RHSA-2025:10364
RHSA-2025:1957 https://access.redhat.com/errata/RHSA-2025:1957
RHSA-2025:1958 https://access.redhat.com/errata/RHSA-2025:1958
RHSA-2025:1959 https://access.redhat.com/errata/RHSA-2025:1959
RHSA-2025:1960 https://access.redhat.com/errata/RHSA-2025:1960
RHSA-2025:2034 https://access.redhat.com/errata/RHSA-2025:2034
RHSA-2025:2035 https://access.redhat.com/errata/RHSA-2025:2035
RHSA-2025:2121 https://access.redhat.com/errata/RHSA-2025:2121
RHSA-2025:2125 https://access.redhat.com/errata/RHSA-2025:2125
RHSA-2025:2126 https://access.redhat.com/errata/RHSA-2025:2126
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54543.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54543
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121837
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-05T15:24:18Z/ Found at https://support.apple.com/en-us/121837
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121839
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-05T15:24:18Z/ Found at https://support.apple.com/en-us/121839
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121843
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-05T15:24:18Z/ Found at https://support.apple.com/en-us/121843
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121844
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-05T15:24:18Z/ Found at https://support.apple.com/en-us/121844
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121845
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-05T15:24:18Z/ Found at https://support.apple.com/en-us/121845
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/121846
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-05T15:24:18Z/ Found at https://support.apple.com/en-us/121846
Exploit Prediction Scoring System (EPSS)
Percentile 0.34039
EPSS Score 0.00135
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:52:50.463739+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2024/54xxx/CVE-2024-54543.json 37.0.0