CERT-In Advisory
CIAD-2024-0027
Multiple Vulnerabilities in Apple Products
Original Issue Date: May 20, 2024
Severity Rating: High
Software Affected
- Apple iOS and iPadOS versions prior to 16.7.8
- Apple iOS and iPadOS versions prior to 17.5
- Apple macOS Monterey versions prior to 12.7.5
- Apple macOS Ventura versions prior to 13.6.7
- Apple macOS Sonoma versions prior to 14.5
- Apple Safari versions prior to 17.5
- Apple watchOS versions prior to 10.5
- Apple tvOS versions prior to 17.5
Overview
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, sensitive information disclosure, security restriction bypass and remote code execution on the targeted system.
Description
Multiple vulnerabilities have been reported in Apple products:
Solution
Apply appropriate security updates as mentioned in the Apple Security Updates
Vendor Information
Apple
https://support.apple.com/kb/HT214103
https://support.apple.com/kb/HT214101
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214106
https://support.apple.com/kb/HT214107
https://support.apple.com/kb/HT214105
https://support.apple.com/kb/HT214104
https://support.apple.com/kb/HT214102
References
https://support.apple.com/kb/HT214103
https://support.apple.com/kb/HT214101
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214106
https://support.apple.com/kb/HT214107
https://support.apple.com/kb/HT214105
https://support.apple.com/kb/HT214104
https://support.apple.com/kb/HT214102
CVE Name
CVE-2023-42861
CVE-2023-42893
CVE-2024-23229
CVE-2024-23236
CVE-2024-23296
CVE-2024-27789
CVE-2024-27796
CVE-2024-27798
CVE-2024-27803
CVE-2024-27804
CVE-2024-27810
CVE-2024-27813
CVE-2024-27816
CVE-2024-27818
CVE-2024-27821
CVE-2024-27822
CVE-2024-27824
CVE-2024-27825
CVE-2024-27827
CVE-2024-27829
CVE-2024-27834
CVE-2024-27835
CVE-2024-27837
CVE-2024-27839
CVE-2024-27841
CVE-2024-27842
CVE-2024-27843
CVE-2024-27847
CVE-2024-27852
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-22902657
Postal address
Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India Electronics Niketan 6, CGO Complex, Lodhi Road, New Delhi - 110 003 India
|