Apple Products Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure, remote code execution, security restriction bypass, elevation of privilege, denial of service and data manipulation on the targeted system.
Note:
CVE-2022-22675 is being exploited in the wild.
The vulnerability is related to the AppleAVD (a kernel extension for audio and video decoding). The vulnerability can exploit the AppleAVD that allows malicious apps to run arbitrary code with kernel privileges on the targeted system.
[Updated on 2022-05-20]
Added iTunes for Windows to the "System / Technologies affected" and "Solution" sections
Impact
- Information Disclosure
- Remote Code Execution
- Elevation of Privilege
- Security Restriction Bypass
- Data Manipulation
- Denial of Service
System / Technologies affected
- Versions prior to Safari 15.5
- Versions prior to tvOS 15.5
- Versions prior to Xcode 13.4
- Versions prior to macOS Catalina Security Update 2022-004
- Versions prior to macOS Big Sur 11.6.6
- Versions prior to macOS Monterey 12.4
- Versions prior to iOS 15.5
- Versions prior to iPadOS 15.5
- Versions prior to watchOS 8.6
- Versions prior to iTunes for Windows 12.12.4
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Safari 15.5
- tvOS 15.5
- Xcode 13.4
- macOS Catalina Security Update 2022-004
- macOS Big Sur 11.6.6
- macOS Monterey 12.4
- iOS 15.5
- iPadOS 15.5
- watchOS 8.6
- iTunes for Windows 12.12.4
Vulnerability Identifier
- CVE-2015-4142
- CVE-2018-25032
- CVE-2021-4136
- CVE-2021-4166
- CVE-2021-4173
- CVE-2021-4187
- CVE-2021-4192
- CVE-2021-4193
- CVE-2021-44224
- CVE-2021-44790
- CVE-2021-45444
- CVE-2021-46059
- CVE-2022-0128
- CVE-2022-0530
- CVE-2022-0778
- CVE-2022-22589
- CVE-2022-22663
- CVE-2022-22665
- CVE-2022-22673
- CVE-2022-22674
- CVE-2022-22675
- CVE-2022-22677
- CVE-2022-22719
- CVE-2022-22720
- CVE-2022-22721
- CVE-2022-23308
- CVE-2022-24765
- CVE-2022-26693
- CVE-2022-26694
- CVE-2022-26697
- CVE-2022-26698
- CVE-2022-26700
- CVE-2022-26701
- CVE-2022-26702
- CVE-2022-26703
- CVE-2022-26704
- CVE-2022-26706
- CVE-2022-26708
- CVE-2022-26709
- CVE-2022-26710
- CVE-2022-26711
- CVE-2022-26712
- CVE-2022-26714
- CVE-2022-26715
- CVE-2022-26716
- CVE-2022-26717
- CVE-2022-26718
- CVE-2022-26719
- CVE-2022-26720
- CVE-2022-26721
- CVE-2022-26722
- CVE-2022-26723
- CVE-2022-26724
- CVE-2022-26725
- CVE-2022-26726
- CVE-2022-26727
- CVE-2022-26728
- CVE-2022-26731
- CVE-2022-26736
- CVE-2022-26737
- CVE-2022-26738
- CVE-2022-26739
- CVE-2022-26740
- CVE-2022-26741
- CVE-2022-26742
- CVE-2022-26743
- CVE-2022-26744
- CVE-2022-26745
- CVE-2022-26746
- CVE-2022-26747
- CVE-2022-26748
- CVE-2022-26749
- CVE-2022-26750
- CVE-2022-26751
- CVE-2022-26752
- CVE-2022-26753
- CVE-2022-26754
- CVE-2022-26755
- CVE-2022-26756
- CVE-2022-26757
- CVE-2022-26760
- CVE-2022-26761
- CVE-2022-26762
- CVE-2022-26763
- CVE-2022-26764
- CVE-2022-26765
- CVE-2022-26766
- CVE-2022-26767
- CVE-2022-26768
- CVE-2022-26769
- CVE-2022-26770
- CVE-2022-26771
- CVE-2022-26772
- CVE-2022-26773
- CVE-2022-26774
- CVE-2022-26775
- CVE-2022-26776
Source
Related Link
- https://support.apple.com/kb/HT213260
- https://support.apple.com/kb/HT213254
- https://support.apple.com/kb/HT213261
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- https://support.apple.com/kb/HT213258
- https://support.apple.com/kb/HT213253
- https://support.apple.com/kb/HT213259
Related Tags
Share with