Skip to main content

Apple Products Multiple Vulnerabilities

Release Date: 20 Nov 2024 5396 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and cross-site scripting on the targeted system.

 

Note:

CVE-2024-44308 and CVE-2024-44309 are actively exploited in the wild. Attacker can exploit these vulnerabilities to achieve arbitrary code execution and cross-site scripting attack through malicious crafted web content respectively. 


Impact

  • Remote Code Execution
  • Cross-Site Scripting

System / Technologies affected

  • Versions prior to macOS Sequoia 15.1.1
  • Versions prior to iOS 17.7.2 and iPadOS 17.7.2
  • Versions prior to iOS 18.1.1 and iPadOS 18.1.1
  • Versions prior to visionOS 2.1.1
  • Versions prior to Safari 18.1.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

  • macOS Sequoia 15.1.1
  • iOS 17.7.2 and iPadOS 17.7.2
  • iOS 18.1.1 and iPadOS 18.1.1
  • visionOS 2.1.1
  • Safari 18.1.1

Vulnerability Identifier


Source


Related Link