Apple Products Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution and information disclosure on the targeted system.
Note:
For CVE-2023-42916 and CVE-2023-42917, processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.1.
[Updated on 2024-01-23]
Updated System / Technologies affected, Solutions and Related Links.
Apple also released the latest security bulletins for iOS, macOS, Safari, tvOS and WatchOS today. For details, please refer to https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20240123
Impact
- Remote Code Execution
- Information Disclosure
- Spoofing
- Denial of Service
System / Technologies affected
- Versions prior to iOS 15.8.1 and iPadOS 15.8.1
- Versions prior to iOS 16.7.3 and iPadOS 16.7.3
- Versions prior to iOS 17.2 and iPadOS 17.2
- Versions prior to macOS Monterey 12.7.2
- Versions prior to macOS Ventura 13.6.3
- Versions prior to macOS Sonoma 14.2
- Versions prior to Safari 17.2
- Versions prior to tvOS 17.2
- Versions prior to watchOS 10.2
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- iOS 15.8.1 and iPadOS 15.8.1
- iOS 16.7.3 and iPadOS 16.7.3
- iOS 17.2 and iPadOS 17.2
- macOS Monterey 12.7.2
- macOS Ventura 13.6.3
- macOS Sonoma 14.2
- Safari 17.2
- tvOS 17.2
- watchOS 10.2
Vulnerability Identifier
- CVE-2020-19185
- CVE-2020-19186
- CVE-2020-19187
- CVE-2020-19188
- CVE-2020-19189
- CVE-2020-19190
- CVE-2023-5344
- CVE-2023-42842
- CVE-2023-42874
- CVE-2023-42882
- CVE-2023-42883
- CVE-2023-42884
- CVE-2023-42886
- CVE-2023-42890
- CVE-2023-42891
- CVE-2023-42894
- CVE-2023-42897
- CVE-2023-42898
- CVE-2023-42899
- CVE-2023-42900
- CVE-2023-42901
- CVE-2023-42902
- CVE-2023-42903
- CVE-2023-42904
- CVE-2023-42905
- CVE-2023-42906
- CVE-2023-42907
- CVE-2023-42908
- CVE-2023-42909
- CVE-2023-42910
- CVE-2023-42911
- CVE-2023-42912
- CVE-2023-42914
- CVE-2023-42916
- CVE-2023-42917
- CVE-2023-42919
- CVE-2023-42922
- CVE-2023-42923
- CVE-2023-42924
- CVE-2023-42926
- CVE-2023-42927
- CVE-2023-42932
- CVE-2023-45866
Source
Related Link
- https://support.apple.com/en-us/HT214034
- https://support.apple.com/en-us/HT214035
- https://support.apple.com/en-us/HT214036
- https://support.apple.com/en-us/HT214037
- https://support.apple.com/en-us/HT214038
- https://support.apple.com/en-us/HT214039
- https://support.apple.com/en-us/HT214040
- https://support.apple.com/en-us/HT214041
- https://support.apple.com/en-us/HT214062
Related Tags
Share with