Multiple Vulnerabilities in Apple Products
Severity Level: High
Date: 19/09/2024
Ref: CERT / 2024/09/83
Components Affected
- Apple iOS versions prior to 18 and iPadOS versions prior to 18
- Apple iOS versions prior to 17.7 and iPadOS versions prior to 17.7
- Apple macOS Sonoma versions prior to 14.7
- Apple macOS Ventura versions prior to 13.7
- Apple macOS Sequoia versions prior to 15
- Apple tvOS versions prior to 18
- Apple watchOS versions prior to 11
- Apple Safari versions prior to 18
- Apple Xcode versions prior to 16
- Apple visionOS versions prior to 2
Overview
Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges, and perform spoofing attacks on the targeted system.
Impact
- Denial of Service
- Security Restriction Bypass
- Information Disclosure
- Cross-Site Scripting
- Spoofing
- Elevation of Privilege
- Data Manipulation
Solution/Workarounds
Apply appropriate software updates as mentioned in the Apple Security updates:
- https://support.apple.com/en-us/121248
- https://support.apple.com/en-us/121240
- https://support.apple.com/en-us/121249
- https://support.apple.com/en-us/121241
- https://support.apple.com/en-us/121239
- https://support.apple.com/en-us/121246
- https://support.apple.com/en-us/121247
- https://support.apple.com/en-us/121234
Reference
Disclaimer
The information provided herein is on an “as is” basis, without warranty of any kind.
