Security Alert (A24-09-18): Multiple Vulnerabilities in Apple iOS and iPadOS


 

Published on: 19 September 2024

  
  

Description:

Apple has released iOS 17.7, iOS 18, iPadOS 17.7 and iPadOS 18 to fix the vulnerabilities in various Apple devices. The list of vulnerability information can be found at:
https://support.apple.com/en-us/121246
https://support.apple.com/en-us/121250

 

Affected Systems:

  • iPhone XS and later
  • iPad 6th generation and later, Air 3rd generation and later, mini 5th generation and later, Pro 10.5-inch, Pro 11-inch 1st generation and later, Pro 12.9-inch 2nd generation and later, Pro 13-inch

 

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation could lead to denial of service, elevation of privilege, information disclosure, security restriction bypass, spoofing or tampering on an affected device.

 

Recommendation:

Apple has released new version of iOS and iPadOS to address the issue.

The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.apple.com/en-us/121246
  • https://support.apple.com/en-us/121250
  • https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20240919
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5841
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27869
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27874
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27876
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27879 (to CVE-2024-27880)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40791
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40826
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40830
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40840
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40844
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40850
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40852
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40856 (to CVE-2024-40857)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40863
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44124
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44127
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44131
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44139
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44147
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44158
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44164 (to CVE-2024-44165)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44167
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44169 (to CVE-2024-44171)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44176
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44180
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44183 (to CVE-2024-44184)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44187
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44191
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44198
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44202


Tag: Apple , iOS , iPhone , iPad , iPadOS
Tags