Security Alert (A19-03-06): Multiple Vulnerabilities in Apple iOS


 

Published on: 26 March 2019

  
  

Description:

Apple has released a security update in its latest iOS version 12.2 to fix 50 vulnerabilities identified in various iOS devices. These vulnerabilities could be exploited by enticing a user to open a specially crafted application, file, font, email, text message, or malicious website. An attacker may also bypass security features with physical access.

 

Affected Systems:

  • iPhone 5s and later
  • iPad Air and later
  • iPod touch (6th generation)

 

Impact:

A successful attack could lead to arbitrary code execution, cross site scripting, denial of service, elevate privileges, data tampering, information disclosure, security restrictions bypass or spoofing.

 

Recommendation:

The product vendor has released iOS 12.2 to address the issues.

The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

https://support.apple.com/kb/HT209599
https://www.hkcert.org/my_url/en/alert/19032601
https://www.us-cert.gov/ncas/current-activity/2019/03/25/Apple-Releases-Multiple-Security-Updates
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6237
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7284
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7293
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8502 (CVE-2019-8506)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8510 (CVE-2019-8512)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8514 (CVE-2019-8518)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8521
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8523
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8524
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8527
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8530
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8540 (CVE-2019-8542)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8544 (CVE-2019-8546)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8549 (CVE-2019-8554)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8558
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8559
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8563
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8565 (CVE-2019-8567)

 



Tag: Apple , iOS , iPhone , iPad , iPod
Tags