Apple has released a security update in its latest iOS version 12.4 to fix 36 vulnerabilities identified in various iOS devices. These vulnerabilities could be exploited by enticing a user to open a specially crafted application, text message, file, malicious website, or answer a specially crafted phone call.
A successful attack could lead to arbitrary code execution, denial of service, data tampering, information disclosure or security restrictions bypass.
The product vendor has released iOS 12.4 to address the issues.
The updates can be obtained through the auto-update mechanism. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
https://support.apple.com/kb/HT210346
https://www.us-cert.gov/ncas/current-activity/2019/07/22/apple-releases-multiple-security-updates
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8641
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8644
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8646 (to CVE-2019-8649)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8657 (to CVE-2019-8658)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8660
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8662 (to CVE-2019-8663)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8665 (to CVE-2019-8666)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8669
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8671 (to CVE-2019-8673)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8676 (to CVE-2019-8690)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8698 (to CVE-2019-8699)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118