Security Alert (A24-12-11): Multiple Vulnerabilities in Apple iOS and iPadOS


 

Published on: 12 December 2024

  
  

Description:

Apple has released iOS 18.2, iPadOS 17.7.3 and iPadOS 18.2 to fix the vulnerabilities in various Apple devices. The list of vulnerability information can be found at:
https://support.apple.com/en-us/121837
https://support.apple.com/en-us/121838

 

Affected Systems:

  • iPhone XS and later
  • iPad 6th generation and later, Air 3rd generation and later, mini 5th generation and later, Pro 10.5-inch, Pro 11-inch 1st generation and later, Pro 12.9-inch 2nd generation and later, Pro 13-inch

 

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation could lead to remote code execution, denial of service, elevation of privilege, information disclosure, security restriction bypass or spoofing on an affected device.

 

Recommendation:

Apple has released new version of iOS and iPadOS to address the issue.

The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.apple.com/en-us/121837
  • https://support.apple.com/en-us/121838
  • https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20241212
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44201
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44225
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44245 (to CVE-2024-44246)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54479
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54485 (to CVE-2024-54486)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54492
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54494
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54500 (to CVE-2024-54503)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54505
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54508
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54510
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54513 (to CVE-2024-54514)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54526 (to CVE-2024-54527)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54534


Tag: Apple , iOS , iPhone , iPad , iPadOS
Tags