Multiple Vulnerabilities in Apple iOS and iPadOS
Original Issue Date: July 22, 2020
Severity Rating: High
- Apple iOS and iPadOS versions prior to 13.6
Multiple vulnerabilities have been reported in Apple iOS and iPadOS which could allow a remote attacker to execute arbitrary code with kernel privileges, cause denial of service conditions, access sensitive information, bypass security restrictions, hijack VPN connections or perform cross site scripting attacks on a targeted system.
Multiple vulnerabilities exist in Apple iOS and iPadOS due to out-of-bounds read and write errors, multiple memory corruption issues, improper input validation, improper state management, improper access restrictions, insufficient verification and checks, buffer overflow error, use after free error, improper escaping and other logical errors in Audio, AVEVideoEncoder, Bluetooth, CoreFoundation, Crash Reporter, GeoServices, iAP, ImageIO, Kernel, Mail, Messages, Model I/O, Safari Login AutoFill, Safari Reader, WebKit, WebKit Page Loading, WebKit Web Inspector and Wi-Fi components of the software.
Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code with kernel privileges, cause denial of service conditions, access sensitive information, bypass security restrictions, hijack VPN connections or perform cross site scripting attacks on the targeted system.
Apply appropriate updates mentioned in the
Apple security updates
The information provided herein is on "as is" basis, without warranty of any kind.
Email: email@example.com Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003