CERT-In Advisory
CIAD-2024-0046
Multiple vulnerabilities in Apple products
Original Issue Date: September 19, 2024
Severity Rating: High
Software Affected
- Apple iOS versions prior to 18 and iPadOS versions prior to 18
- Apple iOS versions prior to 17.7 and iPadOS versions prior to 17.7
- Apple macOS Sonoma versions prior to 14.7
- Apple macOS Ventura versions prior to 13.7
- Apple macOS Sequoia versions prior to 15
- Apple tvOS versions prior to 18
- Apple watchOS versions prior to 11
- Apple Safari versions prior to 18
- Apple Xcode versions prior to 16
- Apple visionOS versions prior to 2
Overview
Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges and perform spoofing attacks on the targeted system.
Description
Multiple vulnerabilities have been reported in Apple products:
Solution
Apply appropriate software updates as mentioned in the Apple Security updates:
https://support.apple.com/en-us/121250
https://support.apple.com/en-us/121238
https://support.apple.com/en-us/121248
https://support.apple.com/en-us/121240
https://support.apple.com/en-us/121249
https://support.apple.com/en-us/121241
https://support.apple.com/en-us/121239
https://support.apple.com/en-us/121246
https://support.apple.com/en-us/121247
https://support.apple.com/en-us/121234
References
Apple
https://support.apple.com/en-us/121250
https://support.apple.com/en-us/121238
https://support.apple.com/en-us/121248
https://support.apple.com/en-us/121240
https://support.apple.com/en-us/121249
https://support.apple.com/en-us/121241
https://support.apple.com/en-us/121239
https://support.apple.com/en-us/121246
https://support.apple.com/en-us/121247
https://support.apple.com/en-us/121234
CVE Name
CVE-2024-40825
CVE-2024-40826
CVE-2024-40830
CVE-2024-40797
CVE-2024-40801
CVE-2024-40814
CVE-2024-40831
CVE-2024-40837
CVE-2024-40838
CVE-2024-40840
CVE-2024-40841
CVE-2024-40842
CVE-2024-40843
CVE-2024-40844
CVE-2024-40845
CVE-2024-40846
CVE-2024-40847
CVE-2024-40848
CVE-2024-40850
CVE-2024-40852
CVE-2024-40856
CVE-2024-40857
CVE-2024-40859
CVE-2024-40860
CVE-2024-40861
CVE-2024-40862
CVE-2024-40863
CVE-2024-40866
CVE-2024-41957
CVE-2024-44124
CVE-2024-44125
CVE-2024-44127
CVE-2024-44128
CVE-2024-44129
CVE-2024-44130
CVE-2024-44131
CVE-2024-44132
CVE-2024-44133
CVE-2024-44134
CVE-2024-44135
CVE-2024-44139
CVE-2024-44146
CVE-2024-44147
CVE-2024-44148
CVE-2024-44149
CVE-2024-44151
CVE-2024-44152
CVE-2024-44153
CVE-2024-44154
CVE-2024-44158
CVE-2024-44160
CVE-2024-44161
CVE-2024-44162
CVE-2024-44163
CVE-2024-44164
CVE-2024-44165
CVE-2024-44166
CVE-2024-44167
CVE-2024-44168
CVE-2024-44169
CVE-2024-44170
CVE-2024-44171
CVE-2024-44176
CVE-2024-44177
CVE-2024-44178
CVE-2024-44180
CVE-2024-44181
CVE-2024-44182
CVE-2024-44183
CVE-2024-44184
CVE-2024-44186
CVE-2024-44187
CVE-2024-44188
CVE-2024-44189
CVE-2024-44190
CVE-2024-44191
CVE-2024-44198
CVE-2024-44202
CVE-2023-4504
CVE-2023-5841
CVE-2024-23237
CVE-2024-27795
CVE-2024-27858
CVE-2024-27860
CVE-2024-27861
CVE-2024-27869
CVE-2024-27874
CVE-2024-27875
CVE-2024-27876
CVE-2024-27879
CVE-2024-27880
CVE-2024-27886
CVE-2024-39894
CVE-2024-40770
CVE-2024-40790
CVE-2024-40791
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-22902657
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India
|