Security Alert (A20-05-06): Multiple Vulnerabilities in Apple iOS and iPadOS


 

Published on: 27 May 2020

     
Email to

Description:

Apple has released iOS 12.4.7, iOS 13.5 and iPadOS 13.5 to fix multiple security vulnerabilities in various Apple devices. The list of vulnerability information can be found at:

 

Affected Systems:

  • iPhone 5s and later
  • iPad Air and later, iPad mini 2 and later
  • iPod touch 6th generation and iPod touch (7th generation)

 

Impact:

A successful attack could lead to arbitrary code execution, denial of service, data tampering, elevation of privilege, cross-site scripting, information disclosure, or security restrictions bypass.

 

Recommendation:

Apple has released new versions of iOS and iPadOS to address the issues on different Apple devices.

  • iOS 12.4.7 for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3 and iPod touch 6th generation
  • iOS 13.5 and iPadOS 13.5 for iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later and iPod touch 7th generation

The updates can be obtained through the auto-update mechanism.  Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

This link will open in a new windowhttps://support.apple.com/en-us/HT211168
This link will open in a new windowhttps://support.apple.com/en-us/HT211169
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20044
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3843
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3878
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6616
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9789 (to CVE-2020-9795)
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9797
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9800
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9802
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9803
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9805 (to CVE-2020-9809)
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9811 (to CVE-2020-9816)
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9818 (to CVE-2020-9821)
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9823
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9825 (to CVE-2020-9827)
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9829
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9835
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9837 (to CVE-2020-9839)
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9842 (to CVE-2020-9844)
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9848
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9850
This link will open in a new windowhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9852

 



Tag: Apple , iOS , iPhone , iPad , iPod , iPadOS
Tags