Security Alert (A24-10-25): Multiple Vulnerabilities in Apple iOS and iPadOS


 

Published on: 29 October 2024

  
  

Description:

Apple has released iOS 17.7.1, iOS 18.1, iPadOS 17.7.1 and iPadOS 18.1 to fix the vulnerabilities in various Apple devices. The list of vulnerability information can be found at:
https://support.apple.com/en-us/121563
https://support.apple.com/en-us/121567

 

Affected Systems:

  • iPhone XS and later
  • iPad 6th generation and later, Air 3rd generation and later, mini 5th generation and later, Pro 10.5-inch, Pro 11-inch 1st generation and later, Pro 12.9-inch 2nd generation and later, Pro 13-inch

 

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation could lead to denial of service, information disclosure, security restriction bypass, spoofing or tampering on an affected device.

 

Recommendation:

Apple has released new version of iOS and iPadOS to address the issue.

The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.apple.com/en-us/121563
  • https://support.apple.com/en-us/121567
  • https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20241029
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40851
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40867
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44144
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44155
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44194
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44215
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44218
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44229
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44235
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44239 (to CVE-2024-44240)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44244
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44251 (to CVE-2024-44252)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44254 (to CVE-2024-44255)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44258 (to CVE-2024-44259)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44261
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44263
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44269
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44273 (to CVE-2024-44274)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44277 (to CVE-2024-44278)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44282
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44285
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44296 (to CVE-2024-44297)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44302


Tag: Apple , iOS , iPhone , iPad , iPadOS
Tags