Skip to main content

Apple Products Multiple Vulnerabilities

Last Update Date: 11 Aug 2021 Release Date: 22 Jul 2021 6342 Views

RISK: Medium Risk

TYPE: Operating Systems - Mac OS

TYPE: Mac OS

Multiple vulnerabilities were identified in Apple products, an attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure, security restriction bypass on the targeted system.

 

[Updated 23-July-2021] added Safari, tvOS and watchOS to "System / Technologies affected" sections

 

[Updated 11-August-2021] added iTunes to "System / Technologies affected" and "Related Links" sections


Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Versions prior to iOS 14.7
  • Versions prior to iPadOS 14.7
  • Versions prior to macOS Big Sur 11.5
  • Versions prior to macOS Mojave Security Update 2021-005 Mojave
  • Versions prior to macOS Catalina Security Update 2021-004 Catalina
  • Versions prior to Safari 14.1.2
  • Versions prior to tvOS 14.7
  • Versions prior to watchOS 7.6
  • Versions prior to iTunes 12.11.4 for Windows

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 
Apply fixes issued by the vendor:
 
  • iOS 14.7
  • iPadOS 14.7
  • macOS Big Sur 11.5
  • Security Update 2021-005 Mojave
  • Security Update 2021-004 Catalina
  • Safari 14.1.2
  • tvOS 14.7
  • watchOS 7.6
  • iTunes 12.11.4 for Windows

Vulnerability Identifier


Source


Related Link

https://support.apple.com/en-us/HT212601

https://support.apple.com/en-us/HT212602

https://support.apple.com/en-us/HT212600

https://support.apple.com/en-us/HT212603

https://support.apple.com/en-us/HT212604
https://support.apple.com/HT212605
https://support.apple.com/HT212606

https://support.apple.com/en-us/HT212609

https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/apple-releases-security-updates