Multiplatform Remote Code Execution Vulnerability
Apple Security Logo

Multiplatform Remote Code Execution Vulnerability

Thendo Tshikota Thendo Tshikota

Thendo Tshikota

Computer Scientist

发布日期: 2024年4月18日
+ 关注

A security flaw has been discovered in versions of the dav1d AV1 decoder prior to 1.4.0. This flaw could allow attackers to execute malicious code on your device via a specially crafted video file.

Affected Platforms

iOS 17.4.1 and lower

iPadOS 17.4 and lower

macOS Sonoma 14.4 and lower

macOS Ventura 13.6.5 and lower

iOS 16.7.6 and lower (Older Devices)

iPadOS 16.7.6 and lower (Older Devices)

Affected Software

Safari 17.4 and lower

Solutions and mitigations

Install the latest iOS security updates.

Install the latest iPadOS security updates.

Install the latest macOS updates.

Vulnerability Details

CVE-ID: CVE-2024-1580

CVSS3.0 Score: 5.9 (Medium Severity)


Thendo Tech Tips Thendo Tech Tips

Thendo Tech Tips

194 位关注者

订阅

要查看或添加评论,请登录

Thendo Tshikota的更多文章

  • New Microsoft Excel Vulnerability: What You Need to Know and How to Stay Safe
    2025年1月29日

    New Microsoft Excel Vulnerability: What You Need to Know and How to Stay Safe

    A newly discovered vulnerability (or security flaw) in Microsoft Excel allows cybercriminals to run harmful programs on…

  • Apple Security Updates
    2024年5月27日

    Apple Security Updates

    iOS 17.5 and iPadOS 17.

  • Cuckoo: Spyware and Infostealer
    2024年5月7日

    Cuckoo: Spyware and Infostealer

    Beware Mac users, a new kind of malware called Cuckoo is lurking in the digital shadows. This recently discovered…

  • Every Update You Need to Install
    2024年5月1日

    Every Update You Need to Install

    This list provides information on the latest critical updates available for various operating systems, applications…

  • PlugX: A Self Reviving Malware with Global Reach
    2024年4月30日

    PlugX: A Self Reviving Malware with Global Reach

    The PlugX worm has become a persistent threat, evolving its tactics to stay relevant in the cybersecurity landscape…

  • From Friend to Fraud : Pig Butchering
    2024年4月29日

    From Friend to Fraud : Pig Butchering

    Pig butchering, a chilling name for a financial crime, has become a growing threat in the world of online investment…

  • Brokewell: The Android Malware Taking Over Devices
    2024年4月26日

    Brokewell: The Android Malware Taking Over Devices

    Brokewell, a dangerous new malware discovered in 2024, poses a significant threat to Android users. This banking trojan…

  • LightSpy Spyware: A Resurfacing Threat Targeting iPhones
    2024年4月25日

    LightSpy Spyware: A Resurfacing Threat Targeting iPhones

    LightSpy is a sophisticated spyware program targeting iPhone users, first discovered in 2020. This malicious software…

  • Trojans
    2024年4月24日

    Trojans

    Trojans, named after the infamous Trojan Horse of Greek mythology, are malicious software programs that masquerade as…

  • Threat 1: Social Engineering
    2024年4月23日

    Threat 1: Social Engineering

    In today's digital age, we fortify our defenses with firewalls, antivirus software, and complex passwords. Yet, these…

社区洞察

其他会员也浏览了