Multiple vulnerabilities in Apple products

ADVISORY!

TLP : CLEAR

Date : 19/09/2024

REF NO : CERT / 2024/09/83

Severity Level: High

Components Affected

Apple iOS versions prior to 18 and iPadOS versions prior to 18
Apple iOS versions prior to 17.7 and iPadOS versions prior to 17.7
Apple macOS Sonoma versions prior to 14.7
Apple macOS Ventura versions prior to 13.7
Apple macOS Sequoia versions prior to 15
Apple tvOS versions prior to 18
Apple watchOS versions prior to 11
Apple Safari versions prior to 18
Apple Xcode versions prior to 16
Apple visionOS versions prior to 2

Overview

Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges and perform spoofing attacks on the targeted system.

Description

Multiple vulnerabilities have been reported in Apple products:

Impact

Denial of Service
Security Restriction Bypass
Information Disclosure
Cross-Site Scripting
Spoofing
Elevation of privilege
Data Manipulation

Solution/ Workarounds

Apply appropriate software updates as mentioned in the Apple Security updates:

https://support.apple.com/en-us/121248
https://support.apple.com/en-us/121240
https://support.apple.com/en-us/121249
https://support.apple.com/en-us/121241
https://support.apple.com/en-us/121239
https://support.apple.com/en-us/121246
https://support.apple.com/en-us/121247
https://support.apple.com/en-us/121234

Reference

Disclaimer : The information provided herein is on an “as is” basis, without warranty of any kind.

Sri Lanka Computer Emergency Readiness Team | Coordination Centre

Quick Links

Useful Links

Contact

Hotline : 101
+94 11 269 1692
Room 4-112, BMICH, Bauddhaloka Mawatha, Colombo 07, Sri Lanka.
General inquiry: cert@cert.gov.lk
Security incidents: incidents@cert.gov.lk
Social media incidents: report@cert.gov.lk

ADVISORY!