Multiple Vulnerabilities in Apple Products

Languages: සිංහල. Risk Level: High.

Components Affected

  • Versions prior to iOS 16.7.3 and iPadOS 16.7.3
  • Versions prior to iOS 17.2 and iPadOS 17.2
  • Versions prior to macOS Monterey 12.7.2
  • Versions prior to macOS Ventura 13.6.3
  • Versions prior to macOS Sonoma 14.2
  • Versions prior to Safari 17.2
  • Versions prior to tvOS 17.2
  • Versions prior to watchOS 10.2

Overview

Multiple vulnerabilities were identified in Apple Products, where a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution and information disclosure on the targeted system.

Description

Multiple vulnerabilities in Apple products have been identified, posing a range of risks if exploited by a remote attacker. Among the potential threats are denial of service conditions, where the normal functioning of Apple devices or services could be disrupted, rendering them temporarily or permanently unavailable. Additionally, attackers could exploit spoofing vulnerabilities, allowing them to impersonate trusted entities and potentially gain unauthorized access. The most severe risks include the possibility of remote code execution, enabling attackers to execute arbitrary code on the targeted systems, potentially leading to complete compromise. Information disclosure vulnerabilities also pose a concern, as attackers may exploit flaws to access sensitive data on the targeted systems, compromising user privacy.

Impact

  • Remote Code Execution
  • Information Disclosure
  • Spoofing
  • Denial of Service

Solution/ Workarounds

Apply fixes issued by the vendor by updating to the following versions:

  • iOS 16.7.3 and iPadOS 16.7.3
  • iOS 17.2 and iPadOS 17.2
  • macOS Monterey 12.7.2
  • macOS Ventura 13.6.3
  • macOS Sonoma 14.2
  • Safari 17.2
  • tvOS 17.2
  • watchOS 10.2

Reference

Disclaimer

The information provided herein is on an “as is” basis, without warranty of any kind.

Recent Alerts