CERT-In Advisory
CIAD-2023-0039
Multiple vulnerabilities in Apple products
Original Issue Date: October 27, 2023
Severity Rating: High
Software Affected
- Apple iOS versions prior to 17.1 and iPadOS versions prior to 17.1
- Apple iOS versions prior to 16.7.2 and iPadOS versions prior to 16.7.2
- Apple iOS versions prior to 15.8 and iPadOS versions prior to 15.8
- Apple macOS Sonoma versions prior to 14.1
- Apple macOS Ventura versions prior to 13.6.1
- Apple macOS Monterey versions prior to 12.7.1
- Apple tvOS versions prior to 17.1
- Apple watchOS versions prior to 10.1
- Apple Safari versions prior to 17.1
Overview
Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges and perform spoofing attacks on the targeted system.
Description
Multiple vulnerabilities have been reported in Apple products:
Solution
Apply appropriate software updates as mentioned in the Apple Security updates:
https://support.apple.com/en-us/HT213982
https://support.apple.com/en-us/HT213981
https://support.apple.com/en-us/HT213990
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT213985
https://support.apple.com/en-us/HT213983
https://support.apple.com/en-us/HT213987
https://support.apple.com/en-us/HT213988
https://support.apple.com/en-us/HT213986
Vendor Information
Apple
https://support.apple.com/en-us/HT213982
https://support.apple.com/en-us/HT213981
https://support.apple.com/en-us/HT213990
https://support.apple.com/en-us/HT213984
https://support.apple.com/en-us/HT213985
https://support.apple.com/en-us/HT213983
https://support.apple.com/en-us/HT213987
https://support.apple.com/en-us/HT213988
https://support.apple.com/en-us/HT213986
CVE Name
CVE-2023-41072
CVE-2023-42857
CVE-2023-40449
CVE-2023-40413
CVE-2023-40416
CVE-2023-40423
CVE-2023-42849
CVE-2023-40408
CVE-2023-42846
CVE-2023-42847
CVE-2023-42845
CVE-2023-42841
CVE-2023-41982
CVE-2023-41997
CVE-2023-41988
CVE-2023-40445
CVE-2023-41254
CVE-2023-40447
CVE-2023-41976
CVE-2023-42852
CVE-2023-41983
CVE-2023-41977
CVE-2023-32359
CVE-2023-32434
CVE-2023-30774
CVE-2023-40444
CVE-2023-41989
CVE-2023-42854
CVE-2023-42844
CVE-2023-38403
CVE-2023-42850
CVE-2023-42861
CVE-2023-40405
CVE-2023-42856
CVE-2023-40404
CVE-2023-42438
CVE-2023-40421
CVE-2023-42842
CVE-2023-4733
CVE-2023-4734
CVE-2023-4735
CVE-2023-4736
CVE-2023-4738
CVE-2023-4750
CVE-2023-4751
CVE-2023-4752
CVE-2023-4781
CVE-2023-41975
CVE-2023-41077
CVE-2023-40401
CVE-2023-40425
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India
|