Primary

Context

Apple Products Out-of-Bounds Read Vulnerability in CoreText and CoreGraphics Components

Vulnerability

Patched

A vulnerability allowing out-of-bounds read operations has been identified in multiple Apple products, including visionOS 2.4, iOS 18.4, iPadOS 18.4, tvOS 18.4, and macOS Sequoia 15.4. This vulnerability arises from insufficient input validation when processing maliciously crafted fonts, which may lead to the unintentional disclosure of process memory.

Impact

Exploitation of this vulnerability can result in unauthorized access to process memory, potentially allowing for the extraction of sensitive information.

Remediation

Users can update to the latest versions of the affected operating systems to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple Products Out-of-Bounds Read Vulnerability in CoreText and CoreGraphics Components

Vulnerability

Impact

Remediation

Affected Products

Apple visionOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating