|CERT-In Vulnerability Note
Multiple Vulnerabilities in Apple iOS and iPadOS
Original Issue Date:July 29, 2022
Severity Rating: HIGH
- Apple iOS and iPadOS versions prior to 15.6
Multiple vulnerabilities have been reported in Apple iOS and iPadOS which could be exploited by a remote attacker to execute arbitrary code, bypass security restrictions and cause denial of service condition on the targeted system.
These vulnerabilities exist in Apple iOS and iPadOS due to out-of-bounds write in Audio, GPU Drivers, ICU and WebKit; buffer overflow in AppleAVD; authorization issue in AppleMobileFileIntegrity; logic issue in File System Events, Home, ImageIO, Kernel and PluginKit; memory corruption in GPU Drivers, IOMobileFrameBuffer and WebRTC; information disclosure in iCloud Photo Library; out-of-bounds read in ImageIO and Kernel; memory initialization in libxml2; type confusion in multi-touch. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a maliciously crafted web content.
Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, cause denial of service condition and bypass security on the targeted system.
Apply appropriate patches as mentioned in the
Apple Security Updates
The information provided herein is on "as is" basis, without warranty of any kind.
Email: email@example.com Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003