VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-wdsd-3d6b-aaar

Essentials
Severities (116)
References (23)
Severity details (28)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-wdsd-3d6b-aaar
Aliases	CVE-2024-27838
Summary	The issue was addressed by adding additional logic. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.
Status	Published
Exploitability	0.5
Weighted Severity	5.9
Risk	3.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

System	Score	Found at
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27838.json
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00088	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00212	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00215	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00215	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00215	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0046	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0046	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0046	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0046	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0046	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0046	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0054	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0054	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0054	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0054	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0054	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0054	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0054	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0054	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
epss	0.0077	https://api.first.org/data/v1/epss?cve=CVE-2024-27838
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2024/Jun/5
ssvc	Track	http://seclists.org/fulldisclosure/2024/Jun/5
cvssv3.1	6.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3	6.5	https://nvd.nist.gov/vuln/detail/CVE-2024-27838
cvssv3.1	6.5	https://nvd.nist.gov/vuln/detail/CVE-2024-27838
cvssv3.1	6.5	https://support.apple.com/en-us/HT214100
cvssv3.1	6.5	https://support.apple.com/en-us/HT214100
ssvc	Track	https://support.apple.com/en-us/HT214100
ssvc	Track	https://support.apple.com/en-us/HT214100
cvssv3.1	6.5	https://support.apple.com/en-us/HT214101
cvssv3.1	6.5	https://support.apple.com/en-us/HT214101
ssvc	Track	https://support.apple.com/en-us/HT214101
ssvc	Track	https://support.apple.com/en-us/HT214101
cvssv3.1	6.5	https://support.apple.com/en-us/HT214102
ssvc	Track	https://support.apple.com/en-us/HT214102
cvssv3.1	6.5	https://support.apple.com/en-us/HT214103
ssvc	Track	https://support.apple.com/en-us/HT214103
cvssv3.1	6.5	https://support.apple.com/en-us/HT214104
ssvc	Track	https://support.apple.com/en-us/HT214104
cvssv3.1	6.5	https://support.apple.com/en-us/HT214106
cvssv3.1	6.5	https://support.apple.com/en-us/HT214106
ssvc	Track	https://support.apple.com/en-us/HT214106
ssvc	Track	https://support.apple.com/en-us/HT214106
cvssv3.1	6.5	https://support.apple.com/en-us/HT214108
cvssv3.1	6.5	https://support.apple.com/en-us/HT214108
ssvc	Track	https://support.apple.com/en-us/HT214108
ssvc	Track	https://support.apple.com/en-us/HT214108

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27838.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-27838
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27838
		http://seclists.org/fulldisclosure/2024/Jun/5
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://support.apple.com/en-us/HT214100
		https://support.apple.com/en-us/HT214101
		https://support.apple.com/en-us/HT214102
		https://support.apple.com/en-us/HT214103
		https://support.apple.com/en-us/HT214104
		https://support.apple.com/en-us/HT214106
		https://support.apple.com/en-us/HT214108
2314702		https://bugzilla.redhat.com/show_bug.cgi?id=2314702
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
CVE-2024-27838		https://nvd.nist.gov/vuln/detail/CVE-2024-27838
RHSA-2024:8180		https://access.redhat.com/errata/RHSA-2024:8180
RHSA-2024:9636		https://access.redhat.com/errata/RHSA-2024:9636

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27838.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at http://seclists.org/fulldisclosure/2024/Jun/5

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T14:48:32Z/ Found at http://seclists.org/fulldisclosure/2024/Jun/5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-27838

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-27838

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214100

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214100

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T14:48:32Z/ Found at https://support.apple.com/en-us/HT214100

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214101

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214101

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T14:48:32Z/ Found at https://support.apple.com/en-us/HT214101

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214102

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T14:48:32Z/ Found at https://support.apple.com/en-us/HT214102

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214103

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T14:48:32Z/ Found at https://support.apple.com/en-us/HT214103

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214104

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T14:48:32Z/ Found at https://support.apple.com/en-us/HT214104

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214106

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214106

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T14:48:32Z/ Found at https://support.apple.com/en-us/HT214106

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214108

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT214108

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T14:48:32Z/ Found at https://support.apple.com/en-us/HT214108

Exploit Prediction Scoring System (EPSS)

Percentile	0.37226
EPSS Score	0.00083
Published At	Dec. 17, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
2024-06-11T08:51:29.505180+00:00	NVD Importer	Import	https://nvd.nist.gov/vuln/detail/CVE-2024-27838	34.0.0rc4