CERT-In Advisory
CIAD-2024-0018
Multiple Vulnerabilities in Apple Products
Original Issue Date: March 19, 2024
Severity Rating: High
Software Affected
- Apple visionOS versions prior to 1.1
(Available for Apple Vision Pro)
- Apple tvOS versions prior to 17.4
(Available for Apple TV HD and Apple TV 4K (all models))
- Apple watchOS versions prior to 10.4
(Available for Apple Watch Series 4 and later)
- Apple macOS Monterey versions prior to 12.7.4
- Apple macOS Sonoma versions prior to 14.4
- Apple macOS Ventura versions prior to 13.6.5
- Apple Xcode versions prior to 15.3
(Available for macOS Sonoma 14 and later)
- Apple GarageBand versions prior to 10.4.11
(Available for: macOS Ventura and macOS Sonoma)
Overview
Multiple vulnerabilities have been reported in Apple Products which could allow an attacker to execute arbitrary code, bypass security restrictions, disclose sensitive information, gain elevated privileges or cause denial of service condition on the target system.
Description
Multiple vulnerabilities have been reported in various Apple Products:
Solution
Apply appropriate security updates as mentioned in the Apple Security updates:
https://support.apple.com/en-us/HT214092
https://support.apple.com/en-us/HT214087
https://support.apple.com/en-us/HT214086
https://support.apple.com/en-us/HT214088
https://support.apple.com/en-us/HT214083
https://support.apple.com/en-us/HT214085
https://support.apple.com/en-us/HT214084
https://support.apple.com/en-us/HT214090
Vendor Information
Apple
https://support.apple.com/en-us/HT214092
https://support.apple.com/en-us/HT214087
https://support.apple.com/en-us/HT214086
https://support.apple.com/en-us/HT214088
https://support.apple.com/en-us/HT214083
https://support.apple.com/en-us/HT214085
https://support.apple.com/en-us/HT214084
https://support.apple.com/en-us/HT214090
References
Apple
https://support.apple.com/en-us/HT214092
https://support.apple.com/en-us/HT214087
https://support.apple.com/en-us/HT214086
https://support.apple.com/en-us/HT214088
https://support.apple.com/en-us/HT214083
https://support.apple.com/en-us/HT214085
https://support.apple.com/en-us/HT214084
https://support.apple.com/en-us/HT214090
CVE Name
CVE-2022-42816
CVE-2022-48554
CVE-2023-28826
CVE-2023-42853
CVE-2023-48795
CVE-2023-51384
CVE-2023-51385
CVE-2024-0258
CVE-2024-23201
CVE-2024-23203
CVE-2024-23204
CVE-2024-23205
CVE-2024-23216
CVE-2024-23217
CVE-2024-23218
CVE-2024-23220
CVE-2024-23225
CVE-2024-23226
CVE-2024-23227
CVE-2024-23230
CVE-2024-23231
CVE-2024-23232
CVE-2024-23233
CVE-2024-23234
CVE-2024-23235
CVE-2024-23238
CVE-2024-23239
CVE-2024-23241
CVE-2024-23242
CVE-2024-23244
CVE-2024-23245
CVE-2024-23246
CVE-2024-23247
CVE-2024-23248
CVE-2024-23249
CVE-2024-23250
CVE-2024-23252
CVE-2024-23253
CVE-2024-23254
CVE-2024-23255
CVE-2024-23257
CVE-2024-23258
CVE-2024-23259
CVE-2024-23260
CVE-2024-23262
CVE-2024-23263
CVE-2024-23264
CVE-2024-23265
CVE-2024-23266
CVE-2024-23267
CVE-2024-23268
CVE-2024-23269
CVE-2024-23270
CVE-2024-23272
CVE-2024-23273
CVE-2024-23274
CVE-2024-23275
CVE-2024-23276
CVE-2024-23277
CVE-2024-23278
CVE-2024-23279
CVE-2024-23280
CVE-2024-23281
CVE-2024-23283
CVE-2024-23284
CVE-2024-23285
CVE-2024-23286
CVE-2024-23287
CVE-2024-23288
CVE-2024-23289
CVE-2024-23290
CVE-2024-23291
CVE-2024-23292
CVE-2024-23293
CVE-2024-23294
CVE-2024-23295
CVE-2024-23296
CVE-2024-23297
CVE-2024-23298
CVE-2024-23300
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-22902657
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India
|