CVE-2024-27848
Description
CVE-2024-27848 is a security vulnerability in Apple's operating systems that could allow a malicious app to gain root privileges. The issue was addressed by Apple through improved permissions checking in macOS Sonoma 14.5, iOS 17.5, and iPadOS 17.5.
Impact
Exploitation of this vulnerability could lead to unauthorized elevation of privileges by a malicious application. The severity of this issue has been assessed as follows:
NIST assessment
CVSS v3.1 Base Score: 7.8 (High)
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA-ADP assessment
CVSS v3.1 Base Score: 7.4 (High)
AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Has been exploited in the wild
No
Operating systems impacted
- macOS Sonoma (prior to 14.5)
- iOS (prior to 17.5)
- iPadOS (prior to 17.5)
Apps impacted
No apps impacted
